Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Handler.exe

Overview

General Information

Sample name:Handler.exe
Analysis ID:1592136
MD5:5fd322ce6e87bae023155e3d548d7280
SHA1:1e193832da505b7416f01a108e134d4cfb56f6e5
SHA256:1d16053d1910ba274b25d60a462fd4e7b75ae1454315dbfcf013b872f02dcdf3
Tags:c2exevidaruser-Lars
Infos:

Detection

DanaBot, PureLog Stealer, Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Attempt to bypass Chrome Application-Bound Encryption
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected DanaBot stealer dll
Yara detected PureLog Stealer
Yara detected Vidar stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Contains functionality to inject code into remote processes
Found many strings related to Crypto-Wallets (likely being stolen)
Injects a PE file into a foreign processes
Machine Learning detection for dropped file
Machine Learning detection for sample
Monitors registry run keys for changes
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Checks if the current process is being debugged
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
One or more processes crash
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the installation date of Windows
Queries the product ID of Windows
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Browser Started with Remote Debugging
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • Handler.exe (PID: 4276 cmdline: "C:\Users\user\Desktop\Handler.exe" MD5: 5FD322CE6E87BAE023155E3D548D7280)
    • Handler.exe (PID: 2968 cmdline: "C:\Users\user\Desktop\Handler.exe" MD5: 5FD322CE6E87BAE023155E3D548D7280)
      • chrome.exe (PID: 7056 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
        • chrome.exe (PID: 7260 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2496 --field-trial-handle=2328,i,896341392617718342,12355125796449792821,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • msedge.exe (PID: 7872 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 69222B8101B0601CC6663F8381E7E00F)
        • msedge.exe (PID: 4816 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2752 --field-trial-handle=2536,i,12924977744264181476,18165705626258018536,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
      • us0r9ri58y.exe (PID: 8732 cmdline: "C:\ProgramData\us0r9ri58y.exe" MD5: 0A6AE4DE16757CD121632BAD3A903EDA)
      • cmd.exe (PID: 2460 cmdline: "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\8q9zu" & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 8880 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • timeout.exe (PID: 8812 cmdline: timeout /t 10 MD5: 976566BEEFCCA4A159ECBDB2D4B1A3E3)
    • WerFault.exe (PID: 6468 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4276 -s 912 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • msedge.exe (PID: 8148 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7684 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8368 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6920 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8380 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7068 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8752 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6988 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
DanaBotProofpoints describes DanaBot as the latest example of malware focused on persistence and stealing useful information that can later be monetized rather than demanding an immediate ransom from victims. The social engineering in the low-volume DanaBot campaigns we have observed so far has been well-crafted, again pointing to a renewed focus on quality over quantity in email-based threats. DanaBots modular nature enables it to download additional components, increasing the flexibility and robust stealing and remote monitoring capabilities of this banker.
  • SCULLY SPIDER
https://malpedia.caad.fkie.fraunhofer.de/details/win.danabot
NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: Vidar

{"C2 url": "https://steamcommunity.com/profiles/76561199817305251", "Botnet": "fc0stn"}

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
Handler.exeJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security

    PCAP (Network Traffic)

    SourceRuleDescriptionAuthorStrings
    sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security

      Dropped Files

      SourceRuleDescriptionAuthorStrings
      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exeJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exeJoeSecurity_DanaBot_stealer_dllYara detected DanaBot stealer dllJoe Security
          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exeINDICATOR_SUSPICIOUS_GENInfoStealerDetects executables containing common artifcats observed in infostealersditekSHen
          • 0x38fdbe:$f1: FileZilla\recentservers.xml
          • 0x38fd7a:$f2: FileZilla\sitemanager.xml
          • 0x3ba3b0:$b1: Chrome\User Data\
          • 0x3c0e54:$b1: Chrome\User Data\
          • 0x3c1970:$b1: Chrome\User Data\
          • 0x3a1524:$b2: Mozilla\Firefox\Profiles
          • 0x3b52e8:$b3: Software\Microsoft\Internet Explorer\IntelliForms\Storage2
          • 0x3e0170:$b3: Software\Microsoft\Internet Explorer\IntelliForms\Storage2
          • 0x3b3cd2:$b4: Opera Software\Opera Stable\Login Data
          • 0x3ba480:$b5: YandexBrowser\User Data\
          • 0x3d2dee:$s5: account.cfn
          • 0x3b31b0:$s6: wand.dat
          • 0x3b2c64:$a1: username_value
          • 0x3b9224:$a1: username_value
          • 0x3b94f4:$a1: username_value
          • 0x3bb9a8:$a1: username_value
          • 0x3b2c90:$a2: password_value
          • 0x3b927c:$a2: password_value
          • 0x3b954c:$a2: password_value
          • 0x3bba00:$a2: password_value
          • 0x3bcaa4:$a3: encryptedUsername
          C:\ProgramData\us0r9ri58y.exeJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            C:\ProgramData\us0r9ri58y.exeJoeSecurity_DanaBot_stealer_dllYara detected DanaBot stealer dllJoe Security
              Click to see the 1 entries

              Memory Dumps

              SourceRuleDescriptionAuthorStrings
              00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
                  00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                    00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmpinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
                    • 0x53b8d:$str01: MachineID:
                    • 0x53bb6:$str02: Work Dir: In memory
                    • 0x53c50:$str03: [Hardware]
                    • 0x53c85:$str04: VideoCard:
                    • 0x53c92:$str05: [Processes]
                    • 0x53c9f:$str06: [Software]
                    • 0x53cab:$str07: information.txt
                    • 0x53cbc:$str08: %s\*
                    • 0x53df3:$str08: %s\*
                    • 0x52ad4:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
                    • 0x5264f:$str17: build_id
                    • 0x52687:$str18: file_data
                    00000000.00000000.2064432922.0000000000BD2000.00000002.00000001.01000000.00000003.sdmpJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                      Click to see the 4 entries

                      Unpacked PEs

                      SourceRuleDescriptionAuthorStrings
                      0.2.Handler.exe.4059550.0.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                        0.0.Handler.exe.bd0000.0.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                          1.2.Handler.exe.400000.0.raw.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                            1.2.Handler.exe.400000.0.raw.unpackinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
                            • 0x53b8d:$str01: MachineID:
                            • 0x53bb6:$str02: Work Dir: In memory
                            • 0x53c50:$str03: [Hardware]
                            • 0x53c85:$str04: VideoCard:
                            • 0x53c92:$str05: [Processes]
                            • 0x53c9f:$str06: [Software]
                            • 0x53cab:$str07: information.txt
                            • 0x53cbc:$str08: %s\*
                            • 0x53df3:$str08: %s\*
                            • 0x52ad4:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
                            • 0x5264f:$str17: build_id
                            • 0x52687:$str18: file_data
                            0.2.Handler.exe.4059550.0.raw.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                              Click to see the 3 entries

                              Sigma Signatures

                              System Summary

                              barindex
                              Sigma detected: Browser Started with Remote Debugging
                              Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\Handler.exe", ParentImage: C:\Users\user\Desktop\Handler.exe, ParentProcessId: 2968, ParentProcessName: Handler.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", ProcessId: 7056, ProcessName: chrome.exe

                              Suricata Signatures

                              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                              2025-01-15T20:17:51.998608+010020344651Malware Command and Control Activity Detected192.168.2.550233194.32.76.77443TCP
                              2025-01-15T20:17:53.076910+010020344651Malware Command and Control Activity Detected192.168.2.55023445.76.251.57443TCP
                              2025-01-15T20:17:54.165241+010020344651Malware Command and Control Activity Detected192.168.2.550235194.32.76.77443TCP
                              2025-01-15T20:17:55.240103+010020344651Malware Command and Control Activity Detected192.168.2.55023645.76.251.57443TCP
                              2025-01-15T20:18:03.755453+010020344651Malware Command and Control Activity Detected192.168.2.550241194.32.76.77443TCP
                              2025-01-15T20:18:05.060557+010020344651Malware Command and Control Activity Detected192.168.2.55024245.76.251.57443TCP
                              2025-01-15T20:18:06.160435+010020344651Malware Command and Control Activity Detected192.168.2.550243194.32.76.77443TCP
                              2025-01-15T20:18:07.296624+010020344651Malware Command and Control Activity Detected192.168.2.55024445.76.251.57443TCP
                              2025-01-15T20:18:13.687116+010020344651Malware Command and Control Activity Detected192.168.2.550249194.32.76.77443TCP
                              2025-01-15T20:18:13.754168+010020344651Malware Command and Control Activity Detected192.168.2.55025045.76.251.57443TCP
                              2025-01-15T20:18:13.821719+010020344651Malware Command and Control Activity Detected192.168.2.550251194.32.76.77443TCP
                              2025-01-15T20:18:13.904282+010020344651Malware Command and Control Activity Detected192.168.2.55025245.76.251.57443TCP
                              2025-01-15T20:18:25.097470+010020344651Malware Command and Control Activity Detected192.168.2.550257194.32.76.77443TCP
                              2025-01-15T20:18:26.496340+010020344651Malware Command and Control Activity Detected192.168.2.55025845.76.251.57443TCP
                              2025-01-15T20:18:28.314948+010020344651Malware Command and Control Activity Detected192.168.2.550259194.32.76.77443TCP
                              2025-01-15T20:18:30.468381+010020344651Malware Command and Control Activity Detected192.168.2.55026045.76.251.57443TCP
                              2025-01-15T20:18:33.875993+010020344651Malware Command and Control Activity Detected192.168.2.550269194.32.76.77443TCP
                              2025-01-15T20:18:36.494176+010020344651Malware Command and Control Activity Detected192.168.2.55027045.76.251.57443TCP
                              2025-01-15T20:18:38.633084+010020344651Malware Command and Control Activity Detected192.168.2.550271194.32.76.77443TCP
                              2025-01-15T20:18:40.558233+010020344651Malware Command and Control Activity Detected192.168.2.55027245.76.251.57443TCP
                              2025-01-15T20:18:49.695123+010020344651Malware Command and Control Activity Detected192.168.2.550277194.32.76.77443TCP
                              2025-01-15T20:18:49.798134+010020344651Malware Command and Control Activity Detected192.168.2.55027845.76.251.57443TCP
                              2025-01-15T20:18:49.899707+010020344651Malware Command and Control Activity Detected192.168.2.550279194.32.76.77443TCP
                              2025-01-15T20:18:49.994486+010020344651Malware Command and Control Activity Detected192.168.2.55028045.76.251.57443TCP
                              2025-01-15T20:19:01.358154+010020344651Malware Command and Control Activity Detected192.168.2.550285194.32.76.77443TCP
                              2025-01-15T20:19:03.328542+010020344651Malware Command and Control Activity Detected192.168.2.55028645.76.251.57443TCP
                              2025-01-15T20:19:05.215618+010020344651Malware Command and Control Activity Detected192.168.2.550287194.32.76.77443TCP
                              2025-01-15T20:19:07.129454+010020344651Malware Command and Control Activity Detected192.168.2.55028845.76.251.57443TCP
                              2025-01-15T20:19:10.166155+010020344651Malware Command and Control Activity Detected192.168.2.550293194.32.76.77443TCP
                              2025-01-15T20:19:12.097474+010020344651Malware Command and Control Activity Detected192.168.2.55029445.76.251.57443TCP
                              2025-01-15T20:19:14.088789+010020344651Malware Command and Control Activity Detected192.168.2.550295194.32.76.77443TCP
                              2025-01-15T20:19:16.062978+010020344651Malware Command and Control Activity Detected192.168.2.55029645.76.251.57443TCP
                              2025-01-15T20:19:25.464129+010020344651Malware Command and Control Activity Detected192.168.2.550301194.32.76.77443TCP
                              2025-01-15T20:19:25.559118+010020344651Malware Command and Control Activity Detected192.168.2.55030245.76.251.57443TCP
                              2025-01-15T20:19:25.642253+010020344651Malware Command and Control Activity Detected192.168.2.550303194.32.76.77443TCP
                              2025-01-15T20:19:25.724881+010020344651Malware Command and Control Activity Detected192.168.2.55030445.76.251.57443TCP
                              2025-01-15T20:19:38.315364+010020344651Malware Command and Control Activity Detected192.168.2.550314194.32.76.77443TCP
                              2025-01-15T20:19:40.513593+010020344651Malware Command and Control Activity Detected192.168.2.55031545.76.251.57443TCP
                              2025-01-15T20:19:42.718601+010020344651Malware Command and Control Activity Detected192.168.2.550316194.32.76.77443TCP
                              2025-01-15T20:19:44.975171+010020344651Malware Command and Control Activity Detected192.168.2.55031745.76.251.57443TCP
                              2025-01-15T20:19:48.289577+010020344651Malware Command and Control Activity Detected192.168.2.550322194.32.76.77443TCP
                              2025-01-15T20:19:50.018480+010020344651Malware Command and Control Activity Detected192.168.2.55032445.76.251.57443TCP
                              2025-01-15T20:19:52.235886+010020344651Malware Command and Control Activity Detected192.168.2.550325194.32.76.77443TCP
                              2025-01-15T20:19:54.486236+010020344651Malware Command and Control Activity Detected192.168.2.55032645.76.251.57443TCP
                              2025-01-15T20:20:06.689081+010020344651Malware Command and Control Activity Detected192.168.2.550331194.32.76.77443TCP
                              2025-01-15T20:20:06.771657+010020344651Malware Command and Control Activity Detected192.168.2.55033245.76.251.57443TCP
                              2025-01-15T20:20:06.856552+010020344651Malware Command and Control Activity Detected192.168.2.550333194.32.76.77443TCP
                              2025-01-15T20:20:06.974269+010020344651Malware Command and Control Activity Detected192.168.2.55033445.76.251.57443TCP
                              2025-01-15T20:20:19.589458+010020344651Malware Command and Control Activity Detected192.168.2.550339194.32.76.77443TCP
                              2025-01-15T20:20:22.592140+010020344651Malware Command and Control Activity Detected192.168.2.55034045.76.251.57443TCP
                              2025-01-15T20:20:25.276113+010020344651Malware Command and Control Activity Detected192.168.2.550341194.32.76.77443TCP
                              2025-01-15T20:20:27.477145+010020344651Malware Command and Control Activity Detected192.168.2.55034245.76.251.57443TCP
                              2025-01-15T20:20:31.315847+010020344651Malware Command and Control Activity Detected192.168.2.550347194.32.76.77443TCP
                              2025-01-15T20:20:34.346825+010020344651Malware Command and Control Activity Detected192.168.2.55034845.76.251.57443TCP
                              2025-01-15T20:20:36.776949+010020344651Malware Command and Control Activity Detected192.168.2.550353194.32.76.77443TCP
                              2025-01-15T20:20:40.341709+010020344651Malware Command and Control Activity Detected192.168.2.55035445.76.251.57443TCP
                              2025-01-15T20:20:53.963375+010020344651Malware Command and Control Activity Detected192.168.2.550359194.32.76.77443TCP
                              2025-01-15T20:20:54.076474+010020344651Malware Command and Control Activity Detected192.168.2.55036045.76.251.57443TCP
                              2025-01-15T20:20:55.172218+010020344651Malware Command and Control Activity Detected192.168.2.550361194.32.76.77443TCP
                              2025-01-15T20:20:55.247598+010020344651Malware Command and Control Activity Detected192.168.2.55036245.76.251.57443TCP
                              2025-01-15T20:21:02.920261+010020344651Malware Command and Control Activity Detected192.168.2.550367194.32.76.77443TCP
                              2025-01-15T20:21:03.973539+010020344651Malware Command and Control Activity Detected192.168.2.55036845.76.251.57443TCP
                              2025-01-15T20:21:05.037404+010020344651Malware Command and Control Activity Detected192.168.2.550369194.32.76.77443TCP
                              2025-01-15T20:21:06.123673+010020344651Malware Command and Control Activity Detected192.168.2.55037045.76.251.57443TCP
                              2025-01-15T20:21:08.431164+010020344651Malware Command and Control Activity Detected192.168.2.550375194.32.76.77443TCP
                              2025-01-15T20:21:09.513404+010020344651Malware Command and Control Activity Detected192.168.2.55037645.76.251.57443TCP
                              2025-01-15T20:21:10.583396+010020344651Malware Command and Control Activity Detected192.168.2.550377194.32.76.77443TCP
                              2025-01-15T20:21:11.690409+010020344651Malware Command and Control Activity Detected192.168.2.55037845.76.251.57443TCP
                              2025-01-15T20:21:17.150696+010020344651Malware Command and Control Activity Detected192.168.2.550383194.32.76.77443TCP
                              2025-01-15T20:21:17.219318+010020344651Malware Command and Control Activity Detected192.168.2.55038445.76.251.57443TCP
                              2025-01-15T20:21:17.278993+010020344651Malware Command and Control Activity Detected192.168.2.550386194.32.76.77443TCP
                              2025-01-15T20:21:17.325112+010020344651Malware Command and Control Activity Detected192.168.2.55038745.76.251.57443TCP
                              2025-01-15T20:21:24.708407+010020344651Malware Command and Control Activity Detected192.168.2.550392194.32.76.77443TCP
                              2025-01-15T20:21:25.778499+010020344651Malware Command and Control Activity Detected192.168.2.55039345.76.251.57443TCP
                              2025-01-15T20:21:26.883319+010020344651Malware Command and Control Activity Detected192.168.2.550394194.32.76.77443TCP
                              2025-01-15T20:21:27.967576+010020344651Malware Command and Control Activity Detected192.168.2.55039545.76.251.57443TCP
                              2025-01-15T20:21:30.358496+010020344651Malware Command and Control Activity Detected192.168.2.550400194.32.76.77443TCP
                              2025-01-15T20:21:31.433444+010020344651Malware Command and Control Activity Detected192.168.2.55040145.76.251.57443TCP
                              2025-01-15T20:21:32.513407+010020344651Malware Command and Control Activity Detected192.168.2.550402194.32.76.77443TCP
                              2025-01-15T20:21:33.612902+010020344651Malware Command and Control Activity Detected192.168.2.55040345.76.251.57443TCP
                              2025-01-15T20:21:38.971622+010020344651Malware Command and Control Activity Detected192.168.2.550408194.32.76.77443TCP
                              2025-01-15T20:21:39.022759+010020344651Malware Command and Control Activity Detected192.168.2.55040945.76.251.57443TCP
                              2025-01-15T20:21:39.113564+010020344651Malware Command and Control Activity Detected192.168.2.550410194.32.76.77443TCP
                              2025-01-15T20:21:39.165919+010020344651Malware Command and Control Activity Detected192.168.2.55041145.76.251.57443TCP
                              2025-01-15T20:21:46.576684+010020344651Malware Command and Control Activity Detected192.168.2.550416194.32.76.77443TCP
                              2025-01-15T20:21:47.642464+010020344651Malware Command and Control Activity Detected192.168.2.55041745.76.251.57443TCP
                              2025-01-15T20:21:48.727329+010020344651Malware Command and Control Activity Detected192.168.2.550418194.32.76.77443TCP
                              2025-01-15T20:21:49.797362+010020344651Malware Command and Control Activity Detected192.168.2.55041945.76.251.57443TCP
                              2025-01-15T20:21:53.154085+010020344651Malware Command and Control Activity Detected192.168.2.550424194.32.76.77443TCP
                              2025-01-15T20:21:54.238451+010020344651Malware Command and Control Activity Detected192.168.2.55042545.76.251.57443TCP
                              2025-01-15T20:21:55.324576+010020344651Malware Command and Control Activity Detected192.168.2.550426194.32.76.77443TCP
                              2025-01-15T20:21:56.401480+010020344651Malware Command and Control Activity Detected192.168.2.55042745.76.251.57443TCP
                              2025-01-15T20:22:02.754800+010020344651Malware Command and Control Activity Detected192.168.2.550432194.32.76.77443TCP
                              2025-01-15T20:22:02.824784+010020344651Malware Command and Control Activity Detected192.168.2.55043345.76.251.57443TCP
                              2025-01-15T20:22:02.879427+010020344651Malware Command and Control Activity Detected192.168.2.550434194.32.76.77443TCP
                              2025-01-15T20:22:02.937630+010020344651Malware Command and Control Activity Detected192.168.2.55043545.76.251.57443TCP
                              2025-01-15T20:22:10.338514+010020344651Malware Command and Control Activity Detected192.168.2.550440194.32.76.77443TCP
                              2025-01-15T20:22:11.423189+010020344651Malware Command and Control Activity Detected192.168.2.55044145.76.251.57443TCP
                              2025-01-15T20:22:12.523479+010020344651Malware Command and Control Activity Detected192.168.2.550442194.32.76.77443TCP
                              2025-01-15T20:22:13.606522+010020344651Malware Command and Control Activity Detected192.168.2.55044345.76.251.57443TCP
                              2025-01-15T20:22:16.938813+010020344651Malware Command and Control Activity Detected192.168.2.550448194.32.76.77443TCP
                              2025-01-15T20:22:18.022504+010020344651Malware Command and Control Activity Detected192.168.2.55044945.76.251.57443TCP
                              2025-01-15T20:22:19.099576+010020344651Malware Command and Control Activity Detected192.168.2.550450194.32.76.77443TCP
                              2025-01-15T20:22:20.174415+010020344651Malware Command and Control Activity Detected192.168.2.55045145.76.251.57443TCP
                              2025-01-15T20:22:26.620031+010020344651Malware Command and Control Activity Detected192.168.2.550456194.32.76.77443TCP
                              2025-01-15T20:22:26.684872+010020344651Malware Command and Control Activity Detected192.168.2.55045745.76.251.57443TCP
                              2025-01-15T20:22:26.735919+010020344651Malware Command and Control Activity Detected192.168.2.550458194.32.76.77443TCP
                              2025-01-15T20:22:26.780429+010020344651Malware Command and Control Activity Detected192.168.2.55045945.76.251.57443TCP
                              2025-01-15T20:22:34.234785+010020344651Malware Command and Control Activity Detected192.168.2.550464194.32.76.77443TCP
                              2025-01-15T20:22:35.312456+010020344651Malware Command and Control Activity Detected192.168.2.55046545.76.251.57443TCP
                              2025-01-15T20:22:36.370627+010020344651Malware Command and Control Activity Detected192.168.2.550466194.32.76.77443TCP
                              2025-01-15T20:22:37.471267+010020344651Malware Command and Control Activity Detected192.168.2.55046745.76.251.57443TCP
                              2025-01-15T20:22:40.842623+010020344651Malware Command and Control Activity Detected192.168.2.550472194.32.76.77443TCP
                              2025-01-15T20:22:41.922196+010020344651Malware Command and Control Activity Detected192.168.2.55047345.76.251.57443TCP
                              2025-01-15T20:22:43.002152+010020344651Malware Command and Control Activity Detected192.168.2.550474194.32.76.77443TCP
                              2025-01-15T20:22:44.085932+010020344651Malware Command and Control Activity Detected192.168.2.55047545.76.251.57443TCP
                              2025-01-15T20:22:49.511855+010020344651Malware Command and Control Activity Detected192.168.2.550480194.32.76.77443TCP
                              2025-01-15T20:22:49.576675+010020344651Malware Command and Control Activity Detected192.168.2.55048145.76.251.57443TCP
                              2025-01-15T20:22:49.636624+010020344651Malware Command and Control Activity Detected192.168.2.550482194.32.76.77443TCP
                              2025-01-15T20:22:49.699671+010020344651Malware Command and Control Activity Detected192.168.2.55048345.76.251.57443TCP
                              2025-01-15T20:22:57.118436+010020344651Malware Command and Control Activity Detected192.168.2.550488194.32.76.77443TCP
                              2025-01-15T20:22:58.197438+010020344651Malware Command and Control Activity Detected192.168.2.55048945.76.251.57443TCP
                              2025-01-15T20:22:59.268214+010020344651Malware Command and Control Activity Detected192.168.2.550490194.32.76.77443TCP
                              2025-01-15T20:23:00.344588+010020344651Malware Command and Control Activity Detected192.168.2.55049145.76.251.57443TCP
                              2025-01-15T20:23:03.650451+010020344651Malware Command and Control Activity Detected192.168.2.550496194.32.76.77443TCP
                              2025-01-15T20:23:04.724974+010020344651Malware Command and Control Activity Detected192.168.2.55049745.76.251.57443TCP
                              2025-01-15T20:23:05.804664+010020344651Malware Command and Control Activity Detected192.168.2.550498194.32.76.77443TCP
                              2025-01-15T20:23:06.870449+010020344651Malware Command and Control Activity Detected192.168.2.55049945.76.251.57443TCP
                              2025-01-15T20:23:12.176679+010020344651Malware Command and Control Activity Detected192.168.2.550504194.32.76.77443TCP
                              2025-01-15T20:23:12.224251+010020344651Malware Command and Control Activity Detected192.168.2.55050545.76.251.57443TCP
                              2025-01-15T20:23:12.274676+010020344651Malware Command and Control Activity Detected192.168.2.550506194.32.76.77443TCP
                              2025-01-15T20:23:12.314757+010020344651Malware Command and Control Activity Detected192.168.2.55050745.76.251.57443TCP
                              2025-01-15T20:23:19.678605+010020344651Malware Command and Control Activity Detected192.168.2.550512194.32.76.77443TCP
                              2025-01-15T20:23:20.730143+010020344651Malware Command and Control Activity Detected192.168.2.55051345.76.251.57443TCP
                              2025-01-15T20:23:21.793063+010020344651Malware Command and Control Activity Detected192.168.2.550514194.32.76.77443TCP
                              2025-01-15T20:23:22.863783+010020344651Malware Command and Control Activity Detected192.168.2.55051545.76.251.57443TCP
                              2025-01-15T20:23:25.216869+010020344651Malware Command and Control Activity Detected192.168.2.550520194.32.76.77443TCP
                              2025-01-15T20:23:26.278642+010020344651Malware Command and Control Activity Detected192.168.2.55052145.76.251.57443TCP
                              2025-01-15T20:23:27.352514+010020344651Malware Command and Control Activity Detected192.168.2.550522194.32.76.77443TCP
                              2025-01-15T20:23:28.425593+010020344651Malware Command and Control Activity Detected192.168.2.55052345.76.251.57443TCP
                              2025-01-15T20:23:33.832820+010020344651Malware Command and Control Activity Detected192.168.2.550528194.32.76.77443TCP
                              2025-01-15T20:23:33.876649+010020344651Malware Command and Control Activity Detected192.168.2.55052945.76.251.57443TCP
                              2025-01-15T20:23:33.933266+010020344651Malware Command and Control Activity Detected192.168.2.550530194.32.76.77443TCP
                              2025-01-15T20:23:33.984697+010020344651Malware Command and Control Activity Detected192.168.2.55053145.76.251.57443TCP
                              2025-01-15T20:23:41.385460+010020344651Malware Command and Control Activity Detected192.168.2.550536194.32.76.77443TCP
                              2025-01-15T20:23:42.449437+010020344651Malware Command and Control Activity Detected192.168.2.55053745.76.251.57443TCP
                              2025-01-15T20:23:43.515725+010020344651Malware Command and Control Activity Detected192.168.2.550538194.32.76.77443TCP
                              2025-01-15T20:23:44.586374+010020344651Malware Command and Control Activity Detected192.168.2.55053945.76.251.57443TCP
                              2025-01-15T20:23:46.842732+010020344651Malware Command and Control Activity Detected192.168.2.550544194.32.76.77443TCP
                              2025-01-15T20:23:47.932677+010020344651Malware Command and Control Activity Detected192.168.2.55054545.76.251.57443TCP
                              2025-01-15T20:23:49.015522+010020344651Malware Command and Control Activity Detected192.168.2.550546194.32.76.77443TCP
                              2025-01-15T20:23:50.096977+010020344651Malware Command and Control Activity Detected192.168.2.55054745.76.251.57443TCP
                              2025-01-15T20:23:55.438500+010020344651Malware Command and Control Activity Detected192.168.2.550552194.32.76.77443TCP
                              2025-01-15T20:23:55.499510+010020344651Malware Command and Control Activity Detected192.168.2.55055345.76.251.57443TCP
                              2025-01-15T20:23:55.551388+010020344651Malware Command and Control Activity Detected192.168.2.550554194.32.76.77443TCP
                              2025-01-15T20:23:55.613988+010020344651Malware Command and Control Activity Detected192.168.2.55055545.76.251.57443TCP
                              2025-01-15T20:24:02.961195+010020344651Malware Command and Control Activity Detected192.168.2.550560194.32.76.77443TCP
                              2025-01-15T20:24:04.024201+010020344651Malware Command and Control Activity Detected192.168.2.55056145.76.251.57443TCP
                              2025-01-15T20:24:05.132710+010020344651Malware Command and Control Activity Detected192.168.2.550562194.32.76.77443TCP
                              2025-01-15T20:24:06.213096+010020344651Malware Command and Control Activity Detected192.168.2.55056345.76.251.57443TCP
                              2025-01-15T20:24:08.513442+010020344651Malware Command and Control Activity Detected192.168.2.550568194.32.76.77443TCP
                              2025-01-15T20:24:09.587109+010020344651Malware Command and Control Activity Detected192.168.2.55056945.76.251.57443TCP
                              2025-01-15T20:24:10.657483+010020344651Malware Command and Control Activity Detected192.168.2.550570194.32.76.77443TCP
                              2025-01-15T20:24:11.752896+010020344651Malware Command and Control Activity Detected192.168.2.55057145.76.251.57443TCP
                              2025-01-15T20:24:17.143548+010020344651Malware Command and Control Activity Detected192.168.2.550576194.32.76.77443TCP
                              2025-01-15T20:24:17.191004+010020344651Malware Command and Control Activity Detected192.168.2.55057745.76.251.57443TCP
                              2025-01-15T20:24:17.254899+010020344651Malware Command and Control Activity Detected192.168.2.550578194.32.76.77443TCP
                              2025-01-15T20:24:17.327636+010020344651Malware Command and Control Activity Detected192.168.2.55057945.76.251.57443TCP
                              2025-01-15T20:24:24.691013+010020344651Malware Command and Control Activity Detected192.168.2.550584194.32.76.77443TCP
                              2025-01-15T20:24:25.763652+010020344651Malware Command and Control Activity Detected192.168.2.55058545.76.251.57443TCP
                              2025-01-15T20:24:26.844766+010020344651Malware Command and Control Activity Detected192.168.2.550586194.32.76.77443TCP
                              2025-01-15T20:24:27.906819+010020344651Malware Command and Control Activity Detected192.168.2.55058745.76.251.57443TCP
                              2025-01-15T20:24:30.190886+010020344651Malware Command and Control Activity Detected192.168.2.550592194.32.76.77443TCP
                              2025-01-15T20:24:31.250027+010020344651Malware Command and Control Activity Detected192.168.2.55059345.76.251.57443TCP
                              2025-01-15T20:24:32.334755+010020344651Malware Command and Control Activity Detected192.168.2.550594194.32.76.77443TCP
                              2025-01-15T20:24:33.399847+010020344651Malware Command and Control Activity Detected192.168.2.55059545.76.251.57443TCP
                              2025-01-15T20:24:39.802154+010020344651Malware Command and Control Activity Detected192.168.2.550600194.32.76.77443TCP
                              2025-01-15T20:24:39.853070+010020344651Malware Command and Control Activity Detected192.168.2.55060145.76.251.57443TCP
                              2025-01-15T20:24:40.909327+010020344651Malware Command and Control Activity Detected192.168.2.550602194.32.76.77443TCP
                              2025-01-15T20:24:40.955093+010020344651Malware Command and Control Activity Detected192.168.2.55060345.76.251.57443TCP
                              2025-01-15T20:24:48.342784+010020344651Malware Command and Control Activity Detected192.168.2.550608194.32.76.77443TCP
                              2025-01-15T20:24:49.424429+010020344651Malware Command and Control Activity Detected192.168.2.55060945.76.251.57443TCP
                              2025-01-15T20:24:50.479537+010020344651Malware Command and Control Activity Detected192.168.2.550610194.32.76.77443TCP
                              2025-01-15T20:24:51.547690+010020344651Malware Command and Control Activity Detected192.168.2.55061145.76.251.57443TCP
                              2025-01-15T20:24:53.877255+010020344651Malware Command and Control Activity Detected192.168.2.550616194.32.76.77443TCP
                              2025-01-15T20:24:54.942240+010020344651Malware Command and Control Activity Detected192.168.2.55061745.76.251.57443TCP
                              2025-01-15T20:24:56.017142+010020344651Malware Command and Control Activity Detected192.168.2.550618194.32.76.77443TCP
                              2025-01-15T20:24:57.088493+010020344651Malware Command and Control Activity Detected192.168.2.55061945.76.251.57443TCP
                              2025-01-15T20:25:02.463979+010020344651Malware Command and Control Activity Detected192.168.2.550624194.32.76.77443TCP
                              2025-01-15T20:25:03.549411+010020344651Malware Command and Control Activity Detected192.168.2.55062545.76.251.57443TCP
                              2025-01-15T20:25:03.620400+010020344651Malware Command and Control Activity Detected192.168.2.550626194.32.76.77443TCP
                              2025-01-15T20:25:03.695563+010020344651Malware Command and Control Activity Detected192.168.2.55062745.76.251.57443TCP
                              2025-01-15T20:25:11.053002+010020344651Malware Command and Control Activity Detected192.168.2.550632194.32.76.77443TCP
                              2025-01-15T20:25:12.106939+010020344651Malware Command and Control Activity Detected192.168.2.55063345.76.251.57443TCP
                              2025-01-15T20:25:13.200506+010020344651Malware Command and Control Activity Detected192.168.2.550634194.32.76.77443TCP
                              2025-01-15T20:25:14.265167+010020344651Malware Command and Control Activity Detected192.168.2.55063545.76.251.57443TCP
                              2025-01-15T20:25:16.531681+010020344651Malware Command and Control Activity Detected192.168.2.550640194.32.76.77443TCP
                              2025-01-15T20:25:17.627826+010020344651Malware Command and Control Activity Detected192.168.2.55064145.76.251.57443TCP
                              2025-01-15T20:25:18.713838+010020344651Malware Command and Control Activity Detected192.168.2.550642194.32.76.77443TCP
                              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                              2025-01-15T20:16:09.679913+010020442471Malware Command and Control Activity Detected116.203.164.230443192.168.2.549714TCP
                              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                              2025-01-15T20:16:11.027561+010020518311Malware Command and Control Activity Detected116.203.164.230443192.168.2.549715TCP
                              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                              2025-01-15T20:16:08.418065+010020490871A Network Trojan was detected192.168.2.549712116.203.164.230443TCP
                              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                              2025-01-15T20:16:54.138558+010028032702Potentially Bad Traffic192.168.2.550137162.0.209.157443TCP
                              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                              2025-01-15T20:16:07.070284+010028593781Malware Command and Control Activity Detected192.168.2.549707116.203.164.230443TCP

                              Joe Sandbox Signatures

                              Click to jump to signature section

                              Show All Signature Results

                              AV Detection

                              barindex
                              Found malware configuration
                              Source: 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": "https://steamcommunity.com/profiles/76561199817305251", "Botnet": "fc0stn"}
                              Multi AV Scanner detection for dropped file
                              Source: C:\ProgramData\us0r9ri58y.exeReversingLabs: Detection: 83%
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exeReversingLabs: Detection: 83%
                              Multi AV Scanner detection for submitted file
                              Source: Handler.exeVirustotal: Detection: 29%Perma Link
                              Source: Handler.exeReversingLabs: Detection: 28%
                              Yara detected DanaBot stealer dll
                              Source: Yara matchFile source: 22.0.us0r9ri58y.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000016.00000000.2625608895.0000000000419000.00000020.00000001.01000000.00000014.sdmp, type: MEMORY
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, type: DROPPED
                              Source: Yara matchFile source: C:\ProgramData\us0r9ri58y.exe, type: DROPPED
                              AI detected suspicious sample
                              Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                              Machine Learning detection for dropped file
                              Source: C:\ProgramData\us0r9ri58y.exeJoe Sandbox ML: detected
                              Machine Learning detection for sample
                              Source: Handler.exeJoe Sandbox ML: detected
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040C009 CryptUnprotectData,1_2_0040C009
                              Source: Handler.exeStatic PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                              Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49769 version: TLS 1.0
                              Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.5:49704 version: TLS 1.2
                              Source: unknownHTTPS traffic detected: 116.203.164.230:443 -> 192.168.2.5:49705 version: TLS 1.2
                              Source: unknownHTTPS traffic detected: 162.0.209.157:443 -> 192.168.2.5:50137 version: TLS 1.2
                              Source: Handler.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                              Source: Binary string: Handler.pdbx source: Handler.exe, 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmp, Handler.exe, 00000000.00000000.2064432922.0000000000BD2000.00000002.00000001.01000000.00000003.sdmp
                              Source: Binary string: Handler.pdb source: Handler.exe, 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmp, Handler.exe, 00000000.00000000.2064432922.0000000000BD2000.00000002.00000001.01000000.00000003.sdmp
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041008C FindFirstFileA,1_2_0041008C
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004291EA FindFirstFileA,1_2_004291EA
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00428248 FindFirstFileA,memset,memset,1_2_00428248
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042A4E5 FindFirstFileA,1_2_0042A4E5
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040E749 FindFirstFileA,1_2_0040E749
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040177C FindFirstFileA,1_2_0040177C
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00412AC9 FindFirstFileA,1_2_00412AC9
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040CCEA FindFirstFileA,1_2_0040CCEA
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042BD1E FindFirstFileA,1_2_0042BD1E
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004018DA FindFirstFileA,1_2_004018DA
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00428DDA GetLogicalDriveStringsA,1_2_00428DDA
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                              Source: chrome.exeMemory has grown: Private usage: 20MB later: 39MB

                              Networking

                              barindex
                              Suricata IDS alerts for network traffic
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50236 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50233 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50243 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50235 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50244 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50234 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50249 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50257 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50269 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50250 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50242 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50271 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50252 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50270 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50251 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50278 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50241 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50260 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50287 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50279 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50280 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50303 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50314 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50272 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50259 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50317 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50258 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50295 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50316 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50293 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50322 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50296 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50301 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50285 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50324 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50286 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50302 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50304 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50277 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50294 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50288 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50315 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50325 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50331 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50326 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50332 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50339 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50340 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50342 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50334 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50341 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50348 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50353 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50347 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50361 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50354 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50360 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50369 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50368 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50362 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50370 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50383 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50367 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50384 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50378 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50392 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50387 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50395 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50375 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50402 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50376 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50410 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50393 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50411 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50401 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50419 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50359 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50403 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50394 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50409 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50416 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50425 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50418 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50417 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50432 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50386 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50400 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50434 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50443 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50442 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50441 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50448 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50450 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50427 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50459 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50426 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50440 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50424 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50449 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50457 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50456 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50464 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50472 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50458 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50488 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50474 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50433 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50333 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50465 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50489 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50491 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50505 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50475 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50490 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50435 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50481 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50514 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50504 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50482 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50483 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50377 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50507 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50473 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50513 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50451 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50538 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50497 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50544 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50496 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50520 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50537 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50531 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50523 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50561 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50506 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50562 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50553 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50536 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50466 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50568 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50515 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50578 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50467 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50571 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50570 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50528 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50576 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50498 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50554 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50499 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50529 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50547 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50546 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50592 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50522 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50601 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50594 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50480 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50577 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50555 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50584 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50552 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50593 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50608 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50579 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50611 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50610 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50618 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50617 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50408 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50635 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50545 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50616 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50603 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50563 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50530 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50586 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50632 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50609 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50585 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50627 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50619 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50641 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50600 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50521 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50642 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50569 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50633 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50587 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50624 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50602 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50560 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50539 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50626 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50640 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50512 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50595 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50634 -> 194.32.76.77:443
                              Source: Network trafficSuricata IDS: 2034465 - Severity 1 - ET MALWARE Danabot Key Exchange Request : 192.168.2.5:50625 -> 45.76.251.57:443
                              Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M1 : 192.168.2.5:49712 -> 116.203.164.230:443
                              Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 116.203.164.230:443 -> 192.168.2.5:49715
                              Source: Network trafficSuricata IDS: 2859378 - Severity 1 - ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M2 : 192.168.2.5:49707 -> 116.203.164.230:443
                              Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 116.203.164.230:443 -> 192.168.2.5:49714
                              C2 URLs / IPs found in malware configuration
                              Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199817305251
                              Source: global trafficHTTP traffic detected: GET /w0ctzn HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
                              Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
                              Source: Joe Sandbox ViewIP Address: 18.244.18.38 18.244.18.38
                              Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
                              Source: Joe Sandbox ViewASN Name: AS-CHOOPAUS AS-CHOOPAUS
                              Source: Joe Sandbox ViewASN Name: HETZNER-ASDE HETZNER-ASDE
                              Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
                              Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
                              Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:50137 -> 162.0.209.157:443
                              Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49769 version: TLS 1.0
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 194.32.76.77
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: unknownTCP traffic detected without corresponding DNS query: 45.76.251.57
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040A09E recv,1_2_0040A09E
                              Source: global trafficHTTP traffic detected: GET /w0ctzn HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
                              Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0Host: legalize.liveConnection: Keep-AliveCache-Control: no-cache
                              Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                              Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIlKHLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                              Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                              Source: global trafficHTTP traffic detected: GET /crx/blobs/AcmIXbpGoRruM6Rg2pdHIUfNGnvAwJcqpFoWJV4Xd6PeYFnv5YpJ0-GVzjWL6XpCDzrg9cVo2bTwfPVau85UdyeFfZQe-rOdS7oyguq-391NmfeQd9WZZkjpgIbL1I5KKEcAxlKa5Z8JDrufy52udyO9TokqhOw4Sbnj/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                              Source: global trafficHTTP traffic detected: GET /b?rn=1736968595850&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=370FFD26CB8D69B80FE6E853CA946810&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                              Source: global trafficHTTP traffic detected: GET /b2?rn=1736968595850&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=370FFD26CB8D69B80FE6E853CA946810&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=131194da2a1242855bd247f1736968598; XID=131194da2a1242855bd247f1736968598
                              Source: global trafficHTTP traffic detected: GET /CrypterTest1.exe HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0Host: yachtingiturkey.comCache-Control: no-cache
                              Source: chrome.exe, 00000007.00000003.2180083423.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180160884.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2179803951.00001B0C00390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
                              Source: chrome.exe, 00000007.00000003.2180083423.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180160884.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2179803951.00001B0C00390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/< equals www.youtube.com (Youtube)
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/?feature=ytca equals www.youtube.com (Youtube)
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/Q equals www.youtube.com (Youtube)
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/s/notifications/manifest/cr_install.html equals www.youtube.com (Youtube)
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/s/notifications/manifest/cr_install.htmllt equals www.youtube.com (Youtube)
                              Source: global trafficDNS traffic detected: DNS query: t.me
                              Source: global trafficDNS traffic detected: DNS query: legalize.live
                              Source: global trafficDNS traffic detected: DNS query: www.google.com
                              Source: global trafficDNS traffic detected: DNS query: apis.google.com
                              Source: global trafficDNS traffic detected: DNS query: play.google.com
                              Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
                              Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
                              Source: global trafficDNS traffic detected: DNS query: sb.scorecardresearch.com
                              Source: global trafficDNS traffic detected: DNS query: assets.msn.com
                              Source: global trafficDNS traffic detected: DNS query: c.msn.com
                              Source: global trafficDNS traffic detected: DNS query: api.msn.com
                              Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
                              Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
                              Source: global trafficDNS traffic detected: DNS query: browser.events.data.msn.com
                              Source: global trafficDNS traffic detected: DNS query: yachtingiturkey.com
                              Source: global trafficDNS traffic detected: DNS query: r.msftstatic.com
                              Source: unknownDoH DNS queries detected: name: assets.msn.com
                              Source: unknownDoH DNS queries detected: name: assets.msn.com
                              Source: unknownDoH DNS queries detected: name: c.msn.com
                              Source: unknownDoH DNS queries detected: name: c.msn.com
                              Source: unknownDoH DNS queries detected: name: sb.scorecardresearch.com
                              Source: unknownDoH DNS queries detected: name: sb.scorecardresearch.com
                              Source: unknownDoH DNS queries detected: name: ntp.msn.com
                              Source: unknownDoH DNS queries detected: name: ntp.msn.com
                              Source: unknownDoH DNS queries detected: name: r.msftstatic.com
                              Source: unknownDoH DNS queries detected: name: r.msftstatic.com
                              Source: unknownDoH DNS queries detected: name: browser.events.data.msn.com
                              Source: unknownDoH DNS queries detected: name: browser.events.data.msn.com
                              Source: unknownDoH DNS queries detected: name: bzib.nelreports.net
                              Source: unknownDoH DNS queries detected: name: bzib.nelreports.net
                              Source: unknownDoH DNS queries detected: name: ntp.msn.com
                              Source: unknownDoH DNS queries detected: name: ntp.msn.com
                              Source: unknownHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----ycjwbimo8yukn79hlnglUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0Host: legalize.liveContent-Length: 256Connection: Keep-AliveCache-Control: no-cache
                              Source: us0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpString found in binary or memory: http://.css
                              Source: us0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpString found in binary or memory: http://.jpg
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3623
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3624
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3625
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2338388285.000079D40258C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2338388285.000079D40258C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2338388285.000079D40258C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2338388285.000079D40258C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
                              Source: us0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpString found in binary or memory: http://html4/loose.dtd
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://issuetracker.google.com/200067929
                              Source: chrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://jsbin.com/temexa/4.
                              Source: chrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184429651.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184378272.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181592971.00001B0C01040000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184350976.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184453930.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/AUTHORS.txt
                              Source: chrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184429651.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184378272.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181592971.00001B0C01040000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184350976.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184453930.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
                              Source: chrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184429651.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184378272.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181592971.00001B0C01040000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184350976.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184453930.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/LICENSE.txt
                              Source: chrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184429651.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184378272.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181592971.00001B0C01040000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184350976.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184453930.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/PATENTS.txt
                              Source: us0r9ri58y.exe, 00000016.00000003.2630141462.000000007EB44000.00000004.00001000.00020000.00000000.sdmp, us0r9ri58y.exe, 00000016.00000003.2632382700.000000007EB1A000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/V
                              Source: us0r9ri58y.exe, 00000016.00000003.2629157522.000000007ECF0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/support/faq.html
                              Source: us0r9ri58y.exe, 00000016.00000003.2629157522.000000007ECF0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/support/faq.htmlRAND
                              Source: Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport/allowlist
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport/fine-allowlist
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aida.googleapis.com/v1/aida:doConversation2
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
                              Source: chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://apis.google.com
                              Source: msedge.exe, 0000000C.00000002.2400179303.00000269B8DA2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com
                              Source: Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
                              Source: Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.ico
                              Source: Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.ico
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icofrom_play_api
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                              Source: chrome.exe, 00000007.00000003.2178823724.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000002.2412280652.000079D40236C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
                              Source: chrome.exe, 00000007.00000003.2179310396.00001B0C00338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2182820220.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2179335143.00001B0C00C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2187508937.00001B0C00C88000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184236676.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2183765544.00001B0C00338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178730407.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184023273.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178823724.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstoreLDDiscover
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymity-pa.googleapis.com/2%
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/2$
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/2O
                              Source: msedge.exe, 0000000C.00000002.2412280652.000079D40236C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromewebstore.google.com/
                              Source: chrome.exe, 00000007.00000003.2168216191.0000746C002D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2168230840.0000746C002E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/cr/report
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000002.2410513912.000079D402240000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/crx
                              Source: Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                              Source: Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/d/1z2sdBwnUF2tSlhl3R2iUlk7gvmSbuLVXOgriPIcJkXQ/preview29
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/installwebapp?usp=chrome_default
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/installwebapp?usp=chrome_defaultlt
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/
                              Source: chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/?usp=installed_webapp
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/installwebapp?usp=chrome_default
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-autopush.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-0.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-1.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-2.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-3.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-4.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-5.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-6.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-preprod.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-staging.corp.google.com/
                              Source: chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-thirdparty.googleusercontent.com/32/type/
                              Source: chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?q=
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.ico
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icondTripTime
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/%
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/&
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/-
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/0
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/2J
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/7
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/9
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/:
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/C
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/H
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/R
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/Y
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/c
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/f
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/m
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/w
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/z
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/2P
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/b
                              Source: msedge.exe, 0000000C.00000002.2413301640.000079D402594000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs27
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs2e
                              Source: Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/161903006
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/166809097
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/184850002
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/187425444
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/220069903
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/229267970
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/250706693
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/253522366
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/255411748
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/258207403
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/274859104
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/284462263
                              Source: msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
                              Source: chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2
                              Source: chrome.exe, 00000007.00000003.2214994629.00001B0C01D14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2174492471.00001B0C002A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard
                              Source: chrome.exe, 00000007.00000003.2174492471.00001B0C002A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard#exps-registration-success-page-urls
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard2
                              Source: chrome.exe, 00000007.00000003.2174492471.00001B0C002A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboardatures
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboardb
                              Source: chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiments
                              Source: chrome.exe, 00000007.00000003.2197613265.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2196820835.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search?source=ntp
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001457000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.000000000458E000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://legalize.live
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://legalize.live/
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://legalize.live/;1H?:
                              Source: chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/upload
                              Source: chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/uploadbyurl
                              Source: chrome.exe, 00000007.00000003.2215986698.0000106000974000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/2
                              Source: chrome.exe, 00000007.00000003.2172246807.0000106000878000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload
                              Source: chrome.exe, 00000007.00000003.2174492471.00001B0C002A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload#companion-iph-blocklisted-page-urls
                              Source: chrome.exe, 00000007.00000003.2171546076.000010600071C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload2
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lensfrontend-pa.googleapis.com/v1/crupload2
                              Source: chrome.exe, 00000007.00000003.2197613265.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2196820835.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?tab=rm&amp;ogbl
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?usp=installed_webapp
                              Source: msedge.exe, 0000000C.00000002.2413301640.000079D402594000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
                              Source: msedge.exe, 0000000C.00000002.2413301640.000079D402594000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/shielded-email2B
                              Source: msedge.exe, 0000000C.00000002.2413301640.000079D402594000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
                              Source: chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197327524.00001B0C013A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogads-pa.googleapis.com
                              Source: chrome.exe, 00000007.00000003.2213359279.00001B0C0129C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyn
                              Source: chrome.exe, 00000007.00000003.2197727608.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com
                              Source: chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197327524.00001B0C013A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/app/so?eom=1
                              Source: chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197327524.00001B0C013A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/callout?eom=1
                              Source: chrome.exe, 00000007.00000003.2184453930.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2221438898.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180318681.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1&target=OPTIMIZATION_TARGET_PAGE_TOPICS_
                              Source: chrome.exe, 00000007.00000003.2184453930.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2221438898.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180318681.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAG
                              Source: chrome.exe, 00000007.00000003.2184453930.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2221438898.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180318681.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1678906374&target=OPTIMIZATION_TARGET_OMN
                              Source: chrome.exe, 00000007.00000003.2184453930.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2221438898.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180318681.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695049402&target=OPTIMIZATION_TARGET_GEO
                              Source: chrome.exe, 00000007.00000003.2184453930.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2221438898.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180318681.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695049414&target=OPTIMIZATION_TARGET_NOT
                              Source: chrome.exe, 00000007.00000003.2184453930.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2221438898.00001B0C00F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180318681.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695051229&target=OPTIMIZATION_TARGET_PAG
                              Source: chrome.exe, 00000007.00000003.2180318681.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=210230727&target=OPTIMIZATION_TARGET_CLIE
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
                              Source: msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
                              Source: chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.google.com?referrer=CHROME_NTP
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.gcp.privacysandboxservices.com
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.com2
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.comJv
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.comb
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com
                              Source: chrome.exe, 00000007.00000003.2197613265.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2196820835.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com/gb/images/bar/al-icon.png
                              Source: Handler.exe, Handler.exe, 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199817305251
                              Source: Handler.exe, 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199817305251fc0stnMozilla/5.0
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/?
                              Source: Handler.exe, Handler.exe, 00000001.00000002.2661407306.0000000001457000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://t.me/w0ctzn
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001418000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/w0ctznL
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001418000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/w0ctznR
                              Source: Handler.exe, 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://t.me/w0ctznfc0stnMozilla/5.0
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001457000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.org
                              Source: Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
                              Source: Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
                              Source: Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearch
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearchn=opensearch
                              Source: chrome.exe, 00000007.00000003.2197063478.00001B0C00298000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com;report-uri
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
                              Source: chrome.exe, 00000007.00000003.2178823724.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/go-mobile/?ios-campaign=desktop-chr-ntp&android-campaign=desktop-chr-n
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/hats/index.htmlb
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                              Source: chrome.exe, 00000007.00000003.2197613265.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2196820835.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/imghp?hl=en&amp;tab=ri&amp;ogbl
                              Source: chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/intl/en/about/products?tab=rh
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
                              Source: chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?q=$
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.comAccess-Control-Allow-Credentials:
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/aida2
                              Source: chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager2
                              Source: chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager23
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com
                              Source: chrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com
                              Source: chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
                              Source: chrome.exe, 00000007.00000003.2197613265.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2196820835.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197180824.00001B0C01428000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197469825.00001B0C01384000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
                              Source: chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197327524.00001B0C013A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.WSo7OLdFZck.2019.O/rt=j/m=q_dnp
                              Source: chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197327524.00001B0C013A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/ss/k=og.qtm.CEsjJf2wziM.L.W.O/m=qmd
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
                              Source: Handler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
                              Source: chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/?feature=ytca
                              Source: chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/Q
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/s/notifications/manifest/cr_install.html
                              Source: chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/s/notifications/manifest/cr_install.htmllt
                              Source: Handler.exe, 00000001.00000002.2667841600.00000000046A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://yachtingiturkey.com/
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001418000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://yachtingiturkey.com/CrypterTest1.exe
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://yachtingiturkey.com/CrypterTest1.exe#m~
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50211 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50498 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50257 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50532 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50502
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50360 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50501
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50504
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50503
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50578 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50506
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50417 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50505
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50440 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50508
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50507
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50500
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50325 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50600 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50292 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50509
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50513
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50359 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50512
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50634 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50515
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50514
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50517
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50516
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50519
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50518
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50464 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50511
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50510
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50303 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50544 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50439 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50524
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50523
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50526
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50280 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50525
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50528
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50527
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50529
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50507 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50520
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50337 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50522
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50612 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50521
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50396 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50566 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50405 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50235 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50510 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50382 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50556 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50462 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50591 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50301 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50270 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50347 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50622 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50335 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50610 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50282 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50247 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50522 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50370 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50407 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50430 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50568 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50429 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50259 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50534 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50496 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50474 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50369 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50420 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50337
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50277 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50579
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50336
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50578
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50339
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50386 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50338
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50581 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50546 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50571
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50392 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50570
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50331
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50573
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50330
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50572
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50333
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50575
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50632 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50332
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50466 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50574
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50335
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50577
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50334
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50576
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50580
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50305 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50348
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50347
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50589
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50349
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50505 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50340
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50582
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50581
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50342
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50584
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50341
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50583
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50344
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50339 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50586
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50343
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50243 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50585
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50346
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50588
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50345
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50587
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50289 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50591
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50590
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50512 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50117
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50359
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50358
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50609 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50593
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50350
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50317 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50558 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50592
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50353
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50595
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50594
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50355
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50597
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50354
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50596
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50374 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50357
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50599
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50356
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50598
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50360
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50620 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50419 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50369
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50129
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50255 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50524 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50442 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50362
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50361
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50364
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50363
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50366
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50365
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50368
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50367
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50371
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50370
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50340 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50478 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50535
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50534
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50537
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50536
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50539
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50538
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50571 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50315 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50531
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50530
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50533
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50532
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50350 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50536 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50267 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50410 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50607 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50362 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50304
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50444 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50546
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50303
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50545
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50306
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50548
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50305
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50547
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50307
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50549
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50309
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50540
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50300
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50542
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50541
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50302
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50544
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50301
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50543
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50642 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50233 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50476 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50315
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50557
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50384 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50314
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50556
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50317
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50559
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50316
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50558
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50319
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50548 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50318
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50279 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50551
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50550
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50394 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50311
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50553
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50619 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50310
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50552
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50555
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50554
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50630 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50454 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50349 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50326
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50503 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50568
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50325
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50567
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50328
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50327
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50569
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50329
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50560
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50320
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50245 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50562
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50593 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50561
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50322
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50564
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50321
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50563
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50324
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50488 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50566
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50372 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50565
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50290 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50432 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50514 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50409 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50327 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50296
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50295
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50617 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50298
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50297
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50299
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50286 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50343 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50389 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50400 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50584 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50274 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50377 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50240 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50434 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50537 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50629 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50252 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50502 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50550 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50422 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50390 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50515 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50458 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50549 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50572 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50481 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50365 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50640 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50527 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50193 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50259
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50424 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50252
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50494
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50251
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50493
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50254
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50496
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50253
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50495
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50256
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50498
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50255
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50497
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50353 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50258
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50257
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50499
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50456 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50261
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50260
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50387 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50574 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50263
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50318 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50262
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50639 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50264
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50267
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50266
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50269
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50264 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50270
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50272
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50271
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50468 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50298 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50274
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50273
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50276
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50596 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50275
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50278
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50277
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50279
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50540 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50242 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50281
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50280
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50283
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50282
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50341 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50605 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50446 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50285
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50284
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50287
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50286
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50289
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50288
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50375 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50539 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50290
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50292
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50291
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50294
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50293
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50126 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50627 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50491 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50552 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50311 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50414 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50260 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50357 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50500 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50598 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50517 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50219 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50603 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50448 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50461 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50564 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50237 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50380 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50529 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50615 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50586 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50402 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50473 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50272 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50345 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50530 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50637 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50249 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50379 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50294 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50436 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50495 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50229 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50296 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50613 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50588 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50404 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50399 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50542 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
                              Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49931
                              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
                              Source: unknownNetwork traffic detected: HTTP traffic on port 50509 -> 443
                              Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.5:49704 version: TLS 1.2
                              Source: unknownHTTPS traffic detected: 116.203.164.230:443 -> 192.168.2.5:49705 version: TLS 1.2
                              Source: unknownHTTPS traffic detected: 162.0.209.157:443 -> 192.168.2.5:50137 version: TLS 1.2

                              E-Banking Fraud

                              barindex
                              Yara detected DanaBot stealer dll
                              Source: Yara matchFile source: 22.0.us0r9ri58y.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000016.00000000.2625608895.0000000000419000.00000020.00000001.01000000.00000014.sdmp, type: MEMORY
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, type: DROPPED
                              Source: Yara matchFile source: C:\ProgramData\us0r9ri58y.exe, type: DROPPED
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040B846 CreateDesktopA,1_2_0040B846

                              System Summary

                              barindex
                              Malicious sample detected (through community Yara rule)
                              Source: 1.2.Handler.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
                              Source: 22.0.us0r9ri58y.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                              Source: 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, type: DROPPEDMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                              Source: C:\ProgramData\us0r9ri58y.exe, type: DROPPEDMatched rule: Detects executables containing common artifcats observed in infostealers Author: ditekSHen
                              Source: C:\ProgramData\us0r9ri58y.exeProcess Stats: CPU usage > 49%
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 0_2_02E66CAF0_2_02E66CAF
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 0_2_02E63CA90_2_02E63CA9
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 0_2_02E66CB00_2_02E66CB0
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 0_2_02E63CB80_2_02E63CB8
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A0511_2_0041A051
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004240711_2_00424071
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041E0E11_2_0041E0E1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004320811_2_00432081
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F0B11_2_0042F0B1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004191611_2_00419161
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F1711_2_0042F171
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A1111_2_0041A111
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041B1111_2_0041B111
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004311111_2_00431111
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004241C11_2_004241C1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004301D11_2_004301D1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041E1F11_2_0041E1F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004211911_2_00421191
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A1B11_2_0041A1B1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A2511_2_0041A251
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004302611_2_00430261
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004192011_2_00419201
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F2111_2_0042F211
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004242811_2_00424281
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041B2A11_2_0041B2A1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041E2B11_2_0041E2B1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004243411_2_00424341
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F3011_2_0042F301
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004193311_2_00419331
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004043E11_2_004043E1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004243E11_2_004243E1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004303F11_2_004303F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F3F11_2_0042F3F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004313811_2_00431381
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A4411_2_0041A441
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004324111_2_00432411
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004194F11_2_004194F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F4911_2_0042F491
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004315011_2_00431501
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041B5211_2_0041B521
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F5211_2_0042F521
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004305311_2_00430531
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F5C11_2_0042F5C1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004305D11_2_004305D1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041B5F11_2_0041B5F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004195B11_2_004195B1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004036411_2_00403641
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A6311_2_0041A631
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004316311_2_00431631
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004206D11_2_004206D1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004186F11_2_004186F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042E6811_2_0042E681
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A7411_2_0041A741
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042E7411_2_0042E741
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004237711_2_00423771
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042E7F11_2_0042E7F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004207B11_2_004207B1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F7B11_2_0042F7B1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F8511_2_0042F851
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004198611_2_00419861
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004188111_2_00418811
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A8111_2_0041A811
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004038111_2_00403811
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004308311_2_00430831
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004238311_2_00423831
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004188E11_2_004188E1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004238F11_2_004238F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F8F11_2_0042F8F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042E8911_2_0042E891
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004208A11_2_004208A1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041B8B11_2_0041B8B1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004209411_2_00420941
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042E9511_2_0042E951
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041A9011_2_0041A901
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004039011_2_00403901
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004199F11_2_004199F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004239F11_2_004239F1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042F9811_2_0042F981
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041AA011_2_0041AA01
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00430A111_2_00430A11
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00423AC11_2_00423AC1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041AAD11_2_0041AAD1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00419A811_2_00419A81
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00420AA11_2_00420AA1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00403AB11_2_00403AB1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041AB711_2_0041AB71
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00430B311_2_00430B31
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00403BC11_2_00403BC1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00423B911_2_00423B91
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041BBA11_2_0041BBA1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042DC411_2_0042DC41
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00418C711_2_00418C71
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00419C011_2_00419C01
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00430C011_2_00430C01
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042ECC11_2_0042ECC1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00430CD11_2_00430CD1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00423CE11_2_00423CE1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041BCB11_2_0041BCB1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042FCB11_2_0042FCB1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041BD711_2_0041BD71
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042DD011_2_0042DD01
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00419D111_2_00419D11
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042FDD11_2_0042FDD1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042DDE11_2_0042DDE1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00423DF11_2_00423DF1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041AD911_2_0041AD91
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00430E211_2_00430E21
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041AE311_2_0041AE31
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00418EF11_2_00418EF1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00420E911_2_00420E91
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00436EA21_2_00436EA2
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042FEA11_2_0042FEA1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00419EB11_2_00419EB1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041AF611_2_0041AF61
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00430F611_2_00430F61
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00420F611_2_00420F61
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00419F711_2_00419F71
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00423F011_2_00423F01
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042DF311_2_0042DF31
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00430FF11_2_00430FF1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042DFF11_2_0042DFF1
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042EFA11_2_0042EFA1
                              Source: Joe Sandbox ViewDropped File: C:\ProgramData\us0r9ri58y.exe 3454A44D19DA21B765B39886811918F59092CD9B1D0FCD9020F9779283B27B74
                              Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe 3454A44D19DA21B765B39886811918F59092CD9B1D0FCD9020F9779283B27B74
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4276 -s 912
                              Source: CrypterTest1[1].exe.1.drStatic PE information: Number of sections : 11 > 10
                              Source: us0r9ri58y.exe.1.drStatic PE information: Number of sections : 11 > 10
                              Source: Handler.exe, 00000000.00000002.2374277897.00000000012FE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs Handler.exe
                              Source: Handler.exe, 00000001.00000002.2661407306.00000000014C8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exej% vs Handler.exe
                              Source: Handler.exeStatic PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                              Source: 1.2.Handler.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
                              Source: 22.0.us0r9ri58y.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                              Source: 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
                              Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, type: DROPPEDMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                              Source: C:\ProgramData\us0r9ri58y.exe, type: DROPPEDMatched rule: INDICATOR_SUSPICIOUS_GENInfoStealer author = ditekSHen, description = Detects executables containing common artifcats observed in infostealers
                              Source: Handler.exeStatic PE information: Section: .idata ZLIB complexity 1.000327778259362
                              Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@75/222@51/18
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004201FF CreateToolhelp32Snapshot,Process32First,1_2_004201FF
                              Source: C:\Users\user\Desktop\Handler.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\MRRZE9YK.htmJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeMutant created: NULL
                              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8880:120:WilError_03
                              Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess4276
                              Source: C:\Windows\SysWOW64\WerFault.exeFile created: C:\ProgramData\Microsoft\Windows\WER\Temp\6c768706-bc89-4eff-bd05-054fe79ae73eJump to behavior
                              Source: Handler.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                              Source: C:\ProgramData\us0r9ri58y.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                              Source: C:\ProgramData\us0r9ri58y.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                              Source: Handler.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                              Source: C:\Users\user\Desktop\Handler.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                              Source: us0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
                              Source: us0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpBinary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
                              Source: us0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpBinary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
                              Source: us0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpBinary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
                              Source: Handler.exeVirustotal: Detection: 29%
                              Source: Handler.exeReversingLabs: Detection: 28%
                              Source: C:\Users\user\Desktop\Handler.exeFile read: C:\Users\user\Desktop\Handler.exeJump to behavior
                              Source: unknownProcess created: C:\Users\user\Desktop\Handler.exe "C:\Users\user\Desktop\Handler.exe"
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Users\user\Desktop\Handler.exe "C:\Users\user\Desktop\Handler.exe"
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4276 -s 912
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2496 --field-trial-handle=2328,i,896341392617718342,12355125796449792821,262144 /prefetch:8
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2752 --field-trial-handle=2536,i,12924977744264181476,18165705626258018536,262144 /prefetch:3
                              Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:3
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6920 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7068 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\ProgramData\us0r9ri58y.exe "C:\ProgramData\us0r9ri58y.exe"
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\8q9zu" & exit
                              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6988 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Users\user\Desktop\Handler.exe "C:\Users\user\Desktop\Handler.exe"Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\ProgramData\us0r9ri58y.exe "C:\ProgramData\us0r9ri58y.exe" Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\8q9zu" & exitJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2496 --field-trial-handle=2328,i,896341392617718342,12355125796449792821,262144 /prefetch:8Jump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2752 --field-trial-handle=2536,i,12924977744264181476,18165705626258018536,262144 /prefetch:3Jump to behavior
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2272 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:3
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6920 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7068 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6988 --field-trial-handle=2100,i,17242345688467426598,17509230438713182026,262144 /prefetch:8
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: mscoree.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: apphelp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: kernel.appcore.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: version.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: windows.storage.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: wldp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: wininet.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: dbghelp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: sspicli.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: iertutil.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: windows.storage.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: wldp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: profapi.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: kernel.appcore.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: winhttp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: mswsock.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: iphlpapi.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: winnsi.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: urlmon.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: srvcli.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: netutils.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: dnsapi.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: rasadhlp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: fwpuclnt.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: schannel.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: mskeyprotect.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ntasn1.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: msasn1.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: dpapi.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: cryptsp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: rsaenh.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: cryptbase.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: gpapi.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ncrypt.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ncryptsslp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ntmarta.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: uxtheme.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: windowscodecs.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: propsys.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: edputil.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: wintypes.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: appresolver.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: bcp47langs.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: slc.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: userenv.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: sppc.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: apphelp.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: pcacli.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: mpr.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: sfc_os.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: ntshrui.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: cscapi.dllJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeSection loaded: linkinfo.dllJump to behavior
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: apphelp.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: version.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: mpr.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: netapi32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: wininet.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: wsock32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: iphlpapi.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: winmm.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: rasapi32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: netapi32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: avifil32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: cryptui.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: wtsapi32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: rasman.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: msvfw32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: msacm32.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: netutils.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: samcli.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: winmmbase.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: winmmbase.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: pstorec.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: cryptsp.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: rsaenh.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: cryptbase.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: windows.storage.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: wldp.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: kernel.appcore.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: uxtheme.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: propsys.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: profapi.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: mswsock.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: winsta.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: firewallapi.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: dnsapi.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: fwbase.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: sxs.dll
                              Source: C:\ProgramData\us0r9ri58y.exeSection loaded: fwpolicyiomgr.dll
                              Source: C:\Windows\SysWOW64\timeout.exeSection loaded: version.dll
                              Source: C:\Users\user\Desktop\Handler.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
                              Source: Google Drive.lnk.7.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: YouTube.lnk.7.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Sheets.lnk.7.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Gmail.lnk.7.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Slides.lnk.7.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: Docs.lnk.7.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                              Source: C:\ProgramData\us0r9ri58y.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner
                              Source: Window RecorderWindow detected: More than 3 window changes detected
                              Source: Handler.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                              Source: Handler.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                              Source: Handler.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                              Source: Binary string: Handler.pdbx source: Handler.exe, 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmp, Handler.exe, 00000000.00000000.2064432922.0000000000BD2000.00000002.00000001.01000000.00000003.sdmp
                              Source: Binary string: Handler.pdb source: Handler.exe, 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmp, Handler.exe, 00000000.00000000.2064432922.0000000000BD2000.00000002.00000001.01000000.00000003.sdmp
                              Source: Handler.exeStatic PE information: 0xC6FB477C [Tue Oct 15 09:16:44 2075 UTC]
                              Source: us0r9ri58y.exe.1.drStatic PE information: section name: .didata
                              Source: CrypterTest1[1].exe.1.drStatic PE information: section name: .didata
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004487CF push eax; ret 1_2_004487D0
                              Source: C:\Users\user\Desktop\Handler.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exeJump to dropped file
                              Source: C:\Users\user\Desktop\Handler.exeFile created: C:\ProgramData\us0r9ri58y.exeJump to dropped file
                              Source: C:\Users\user\Desktop\Handler.exeFile created: C:\ProgramData\us0r9ri58y.exeJump to dropped file

                              Boot Survival

                              barindex
                              Monitors registry run keys for changes
                              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry key monitored: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
                              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                              Source: C:\ProgramData\us0r9ri58y.exeProcess information set: NOOPENFILEERRORBOX
                              Source: C:\ProgramData\us0r9ri58y.exeProcess information set: NOOPENFILEERRORBOX
                              Source: C:\ProgramData\us0r9ri58y.exeProcess information set: NOOPENFILEERRORBOX
                              Source: C:\Users\user\Desktop\Handler.exeMemory allocated: 2D80000 memory reserve | memory write watchJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeMemory allocated: 3050000 memory reserve | memory write watchJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeMemory allocated: 2D80000 memory reserve | memory write watchJump to behavior
                              Source: C:\ProgramData\us0r9ri58y.exeWindow / User API: threadDelayed 4100
                              Source: C:\ProgramData\us0r9ri58y.exeWindow / User API: threadDelayed 5738
                              Source: C:\ProgramData\us0r9ri58y.exe TID: 2504Thread sleep time: -8200000s >= -30000s
                              Source: C:\ProgramData\us0r9ri58y.exe TID: 2504Thread sleep time: -11476000s >= -30000s
                              Source: C:\Windows\SysWOW64\timeout.exe TID: 8820Thread sleep count: 87 > 30
                              Source: C:\Users\user\Desktop\Handler.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041008C FindFirstFileA,1_2_0041008C
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004291EA FindFirstFileA,1_2_004291EA
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00428248 FindFirstFileA,memset,memset,1_2_00428248
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042A4E5 FindFirstFileA,1_2_0042A4E5
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040E749 FindFirstFileA,1_2_0040E749
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040177C FindFirstFileA,1_2_0040177C
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00412AC9 FindFirstFileA,1_2_00412AC9
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0040CCEA FindFirstFileA,1_2_0040CCEA
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042BD1E FindFirstFileA,1_2_0042BD1E
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_004018DA FindFirstFileA,1_2_004018DA
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_00428DDA GetLogicalDriveStringsA,1_2_00428DDA
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041F9A3 GetSystemInfo,1_2_0041F9A3
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                              Source: Handler.exe, 00000001.00000002.2661407306.000000000143B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWx
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: discord.comVMware20,11696428655f
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: global block list test formVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                              Source: msedge.exe, 0000000C.00000003.2307778429.000079D402524000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware20,1(
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWh
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: secure.bankofamerica.comVMware20,11696428655|UE
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: outlook.office365.comVMware20,11696428655t
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
                              Source: msedge.exe, 0000000C.00000002.2397608015.00000269B6E54000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: outlook.office.comVMware20,11696428655s
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ms.portal.azure.comVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: AMC password management pageVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: tasks.office.comVMware20,11696428655o
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: turbotax.intuit.comVMware20,11696428655t
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: interactivebrokers.comVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: dev.azure.comVMware20,11696428655j
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: bankofamerica.comVMware20,11696428655x
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
                              Source: Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
                              Source: C:\Users\user\Desktop\Handler.exeProcess information queried: ProcessInformationJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess queried: DebugPortJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess queried: DebugPortJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 0_2_03058131 mov edi, dword ptr fs:[00000030h]0_2_03058131
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 0_2_030582AE mov edi, dword ptr fs:[00000030h]0_2_030582AE
                              Source: C:\Users\user\Desktop\Handler.exeMemory allocated: page read and write | page guardJump to behavior

                              HIPS / PFW / Operating System Protection Evasion

                              barindex
                              Contains functionality to inject code into remote processes
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 0_2_03058131 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateProcessW,CreateProcessW,VirtualAlloc,VirtualAlloc,GetThreadContext,Wow64GetThreadContext,ReadProcessMemory,ReadProcessMemory,VirtualAllocEx,VirtualAllocEx,GetProcAddress,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,SetThreadContext,Wow64SetThreadContext,ResumeThread,ResumeThread,0_2_03058131
                              Injects a PE file into a foreign processes
                              Source: C:\Users\user\Desktop\Handler.exeMemory written: C:\Users\user\Desktop\Handler.exe base: 400000 value starts with: 4D5AJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Users\user\Desktop\Handler.exe "C:\Users\user\Desktop\Handler.exe"Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\ProgramData\us0r9ri58y.exe "C:\ProgramData\us0r9ri58y.exe" Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\8q9zu" & exitJump to behavior
                              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
                              Source: C:\Users\user\Desktop\Handler.exeCode function: GetLocaleInfoA,1_2_0041F6B3
                              Source: C:\Users\user\Desktop\Handler.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                              Source: C:\ProgramData\us0r9ri58y.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion InstallDate
                              Source: C:\ProgramData\us0r9ri58y.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion ProductId
                              Source: C:\Users\user\Desktop\Handler.exeQueries volume information: C:\Users\user\Desktop\Handler.exe VolumeInformationJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeQueries volume information: C:\ VolumeInformationJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeQueries volume information: C:\ VolumeInformationJump to behavior
                              Source: C:\ProgramData\us0r9ri58y.exeQueries volume information: C:\ VolumeInformation
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0042D98B EntryPoint,GetUserNameW,1_2_0042D98B
                              Source: C:\Users\user\Desktop\Handler.exeCode function: 1_2_0041F53D GetTimeZoneInformation,1_2_0041F53D
                              Source: C:\Users\user\Desktop\Handler.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                              Stealing of Sensitive Information

                              barindex
                              Yara detected DanaBot stealer dll
                              Source: Yara matchFile source: 22.0.us0r9ri58y.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000016.00000000.2625608895.0000000000419000.00000020.00000001.01000000.00000014.sdmp, type: MEMORY
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, type: DROPPED
                              Source: Yara matchFile source: C:\ProgramData\us0r9ri58y.exe, type: DROPPED
                              Yara detected PureLog Stealer
                              Source: Yara matchFile source: Handler.exe, type: SAMPLE
                              Source: Yara matchFile source: 0.2.Handler.exe.4059550.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.0.Handler.exe.bd0000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.2.Handler.exe.4059550.0.raw.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000000.2064432922.0000000000BD2000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Yara detected Vidar stealer
                              Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                              Source: Yara matchFile source: 1.2.Handler.exe.400000.0.raw.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: Process Memory Space: Handler.exe PID: 2968, type: MEMORYSTR
                              Found many strings related to Crypto-Wallets (likely being stolen)
                              Source: Handler.exe, 00000001.00000002.2658511630.0000000000FE0000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: *electrum*.*
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \ElectronCash\wallets\
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: exodus.conf.json
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: info.seco
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ElectrumLTC
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: passphrase.json
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
                              Source: Handler.exe, 00000001.00000002.2658511630.0000000000FE0000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: *exodus*.*
                              Source: Handler.exe, 00000001.00000002.2658511630.0000000000FE0000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: *ethereum*.*
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001418000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Coinomi\Coinomi\wallets\
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: multidoge.wallet
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: seed.seco
                              Source: Handler.exe, 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: set_UseMachineKeyStore
                              Source: Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum-LTC\wallets\
                              Tries to harvest and steal Bitcoin Wallet information
                              Source: C:\Users\user\Desktop\Handler.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
                              Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
                              Source: C:\Users\user\Desktop\Handler.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\ConfigurationJump to behavior
                              Tries to harvest and steal browser information (history, passwords, etc)
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yiaxs5ej.default\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\temporary\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.jsJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\bookmarkbackups\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\archived\2023-10\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\to-be-removed\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\db\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\events\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\security_state\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqliteJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqliteJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\pending_pings\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\saved-telemetry-pings\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\minidumps\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\events\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\default\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\tmp\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\archived\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\key4.dbJump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\key4.dbJump to behavior
                              Tries to harvest and steal ftp login credentials
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
                              Tries to steal Crypto Currency Wallets
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
                              Source: C:\Users\user\Desktop\Handler.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
                              Source: Yara matchFile source: 22.0.us0r9ri58y.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000016.00000000.2625608895.0000000000419000.00000020.00000001.01000000.00000014.sdmp, type: MEMORY
                              Source: Yara matchFile source: Process Memory Space: Handler.exe PID: 2968, type: MEMORYSTR
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, type: DROPPED
                              Source: Yara matchFile source: C:\ProgramData\us0r9ri58y.exe, type: DROPPED

                              Remote Access Functionality

                              barindex
                              Attempt to bypass Chrome Application-Bound Encryption
                              Source: C:\Users\user\Desktop\Handler.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                              Yara detected DanaBot stealer dll
                              Source: Yara matchFile source: 22.0.us0r9ri58y.exe.400000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000016.00000000.2625608895.0000000000419000.00000020.00000001.01000000.00000014.sdmp, type: MEMORY
                              Source: Yara matchFile source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, type: DROPPED
                              Source: Yara matchFile source: C:\ProgramData\us0r9ri58y.exe, type: DROPPED
                              Yara detected PureLog Stealer
                              Source: Yara matchFile source: Handler.exe, type: SAMPLE
                              Source: Yara matchFile source: 0.2.Handler.exe.4059550.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.0.Handler.exe.bd0000.0.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 0.2.Handler.exe.4059550.0.raw.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000000.00000002.2378670031.0000000004059000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: 00000000.00000000.2064432922.0000000000BD2000.00000002.00000001.01000000.00000003.sdmp, type: MEMORY
                              Yara detected Vidar stealer
                              Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                              Source: Yara matchFile source: 1.2.Handler.exe.400000.0.raw.unpack, type: UNPACKEDPE
                              Source: Yara matchFile source: 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                              Source: Yara matchFile source: Process Memory Space: Handler.exe PID: 2968, type: MEMORYSTR

                              Mitre Att&ck Matrix

                              ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                              Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
                              DLL Side-Loading                              		1
                              DLL Side-Loading                              		1
                              Disable or Modify Tools                              		2
                              OS Credential Dumping                              		1
                              System Time Discovery                              		Remote Services1
                              Archive Collected Data                              		2
                              Ingress Tool Transfer                              		Exfiltration Over Other Network MediumAbuse Accessibility Features
                              CredentialsDomainsDefault AccountsScheduled Task/Job1
                              Create Account                              		1
                              Extra Window Memory Injection                              		1
                              Obfuscated Files or Information                              		1
                              Credentials in Registry                              		1
                              Account Discovery                              		Remote Desktop Protocol4
                              Data from Local System                              		21
                              Encrypted Channel                              		Exfiltration Over BluetoothNetwork Denial of Service
                              Email AddressesDNS ServerDomain AccountsAt1
                              Registry Run Keys / Startup Folder                              		211
                              Process Injection                              		1
                              Software Packing                              		Security Account Manager4
                              File and Directory Discovery                              		SMB/Windows Admin SharesData from Network Shared Drive1
                              Remote Access Software                              		Automated ExfiltrationData Encrypted for Impact
                              Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
                              Registry Run Keys / Startup Folder                              		1
                              Timestomp                              		NTDS54
                              System Information Discovery                              		Distributed Component Object ModelInput Capture3
                              Non-Application Layer Protocol                              		Traffic DuplicationData Destruction
                              Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                              DLL Side-Loading                              		LSA Secrets11
                              Query Registry                              		SSHKeylogging14
                              Application Layer Protocol                              		Scheduled TransferData Encrypted for Impact
                              Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                              Extra Window Memory Injection                              		Cached Domain Credentials111
                              Security Software Discovery                              		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                              DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                              Masquerading                              		DCSync3
                              Virtualization/Sandbox Evasion                              		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                              Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job3
                              Virtualization/Sandbox Evasion                              		Proc Filesystem2
                              Process Discovery                              		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                              Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt211
                              Process Injection                              		/etc/passwd and /etc/shadow1
                              Application Window Discovery                              		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                              IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCronDynamic API ResolutionNetwork Sniffing2
                              System Owner/User Discovery                              		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

                              Behavior Graph

                              Hide Legend

                              Legend:

                              • Process
                              • Signature
                              • Created File
                              • DNS/IP Info
                              • Is Dropped
                              • Is Windows Process
                              • Number of created Registry Values
                              • Number of created Files
                              • Visual Basic
                              • Delphi
                              • Java
                              • .Net C# or VB.NET
                              • C, C++ or other language
                              • Is malicious
                              • Internet
                              behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1592136 Sample: Handler.exe Startdate: 15/01/2025 Architecture: WINDOWS Score: 100 55 legalize.live 2->55 57 yachtingiturkey.com 2->57 59 t.me 2->59 101 Suricata IDS alerts for network traffic 2->101 103 Found malware configuration 2->103 105 Malicious sample detected (through community Yara rule) 2->105 107 8 other signatures 2->107 9 Handler.exe 2->9         started        12 msedge.exe 2->12         started        signatures3 process4 dnsIp5 109 Attempt to bypass Chrome Application-Bound Encryption 9->109 111 Found many strings related to Crypto-Wallets (likely being stolen) 9->111 113 Contains functionality to inject code into remote processes 9->113 115 Injects a PE file into a foreign processes 9->115 15 Handler.exe 31 9->15         started        20 WerFault.exe 19 16 9->20         started        67 192.168.2.16 unknown unknown 12->67 69 192.168.2.23 unknown unknown 12->69 71 192.168.2.4 unknown unknown 12->71 22 msedge.exe 12->22         started        24 msedge.exe 12->24         started        26 msedge.exe 12->26         started        28 msedge.exe 12->28         started        signatures6 process7 dnsIp8 81 legalize.live 116.203.164.230, 443, 49705, 49707 HETZNER-ASDE Germany 15->81 83 t.me 149.154.167.99, 443, 49704 TELEGRAMRU United Kingdom 15->83 89 2 other IPs or domains 15->89 49 C:\Users\user\AppData\...\CrypterTest1[1].exe, PE32 15->49 dropped 51 C:\ProgramData\us0r9ri58y.exe, PE32 15->51 dropped 93 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 15->93 95 Found many strings related to Crypto-Wallets (likely being stolen) 15->95 97 Tries to harvest and steal ftp login credentials 15->97 99 3 other signatures 15->99 30 us0r9ri58y.exe 15->30         started        34 msedge.exe 2 10 15->34         started        36 chrome.exe 8 15->36         started        38 cmd.exe 15->38         started        53 C:\ProgramData\Microsoft\...\Report.wer, Unicode 20->53 dropped 85 googlehosted.l.googleusercontent.com 142.250.186.33, 443, 49868 GOOGLEUS United States 22->85 87 chrome.cloudflare-dns.com 162.159.61.3, 443, 49870, 49891 CLOUDFLARENETUS United States 22->87 91 15 other IPs or domains 22->91 file9 signatures10 process11 dnsIp12 73 194.32.76.77, 443, 50196, 50211 MVPShttpswwwmvpsnetEU Germany 30->73 75 45.76.251.57, 443, 50202, 50219 AS-CHOOPAUS United States 30->75 117 Multi AV Scanner detection for dropped file 30->117 119 Machine Learning detection for dropped file 30->119 121 Monitors registry run keys for changes 34->121 40 msedge.exe 34->40         started        77 192.168.2.5, 138, 443, 49298 unknown unknown 36->77 79 239.255.255.250 unknown Reserved 36->79 42 chrome.exe 36->42         started        45 conhost.exe 38->45         started        47 timeout.exe 38->47         started        signatures13 process14 dnsIp15 61 www.google.com 142.250.181.228, 443, 49721, 49724 GOOGLEUS United States 42->61 63 play.google.com 216.58.206.78, 443, 49735, 49760 GOOGLEUS United States 42->63 65 2 other IPs or domains 42->65

                              Screenshots

                              Thumbnails

                              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                              windows-stand

                              Antivirus, Machine Learning and Genetic Malware Detection

                              Initial Sample

                              SourceDetectionScannerLabelLink
                              Handler.exe29%VirustotalBrowse
                              Handler.exe29%ReversingLabs
                              Handler.exe100%Joe Sandbox ML

                              Dropped Files

                              SourceDetectionScannerLabelLink
                              C:\ProgramData\us0r9ri58y.exe100%Joe Sandbox ML
                              C:\ProgramData\us0r9ri58y.exe83%ReversingLabsWin32.Trojan.Ulise
                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe83%ReversingLabsWin32.Trojan.Ulise

                              Unpacked PE Files

                              No Antivirus matches

                              Domains

                              No Antivirus matches

                              URLs

                              SourceDetectionScannerLabelLink
                              https://yachtingiturkey.com/0%Avira URL Cloudsafe
                              https://legalize.live0%Avira URL Cloudsafe
                              https://yachtingiturkey.com/CrypterTest1.exe#m~0%Avira URL Cloudsafe

                              Domains and IPs

                              Contacted Domains

                              NameIPActiveMaliciousAntivirus DetectionReputation
                              s-part-0012.t-0009.t-msedge.net
                              		13.107.246.40
                              		truefalse
                                		high
                                chrome.cloudflare-dns.com
                                		162.159.61.3
                                		truefalse
                                  		high
                                  legalize.live
                                  		116.203.164.230
                                  		truetrue
                                    		unknown
                                    plus.l.google.com
                                    		172.217.18.14
                                    		truefalse
                                      		high
                                      play.google.com
                                      		216.58.206.78
                                      		truefalse
                                        		high
                                        t.me
                                        		149.154.167.99
                                        		truefalse
                                          		high
                                          ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                          		94.245.104.56
                                          		truefalse
                                            		high
                                            sb.scorecardresearch.com
                                            		18.244.18.38
                                            		truefalse
                                              		high
                                              www.google.com
                                              		142.250.181.228
                                              		truefalse
                                                		high
                                                googlehosted.l.googleusercontent.com
                                                		142.250.186.33
                                                		truefalse
                                                  		high
                                                  yachtingiturkey.com
                                                  		162.0.209.157
                                                  		truefalse
                                                    		unknown
                                                    assets.msn.com
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      r.msftstatic.com
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        c.msn.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          ntp.msn.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            clients2.googleusercontent.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              bzib.nelreports.net
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                apis.google.com
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  api.msn.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    browser.events.data.msn.com
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high

                                                                      Contacted URLs

                                                                      NameMaliciousAntivirus DetectionReputation
                                                                      https://sb.scorecardresearch.com/b2?rn=1736968595850&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=370FFD26CB8D69B80FE6E853CA946810&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*nullfalse
                                                                        		high
                                                                        https://steamcommunity.com/profiles/76561199817305251false
                                                                          		high

                                                                          URLs from Memory and Binaries

                                                                          NameSourceMaliciousAntivirus DetectionReputation
                                                                          https://duckduckgo.com/chrome_newtabHandler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://mail.google.com/mail/?usp=installed_webappchrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://duckduckgo.com/ac/?q=Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://google-ohttp-relay-join.fastly-edge.com/-chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://permanently-removed.invalid/oauth2/v2/tokeninfomsedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://google-ohttp-relay-join.fastly-edge.com/0chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://google-ohttp-relay-join.fastly-edge.com/7chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://anglebug.com/4633chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://anglebug.com/7382chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://issuetracker.google.com/284462263msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://google-ohttp-relay-join.fastly-edge.com/:chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://google-ohttp-relay-join.fastly-edge.com/9chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://google-ohttp-relay-join.fastly-edge.com/Cchrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://publickeyservice.gcp.privacysandboxservices.comchrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        http://polymer.github.io/AUTHORS.txtchrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184429651.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184378272.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181592971.00001B0C01040000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184350976.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184453930.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://docs.google.com/chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://publickeyservice.pa.aws.privacysandboxservices.comchrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://anglebug.com/7714chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://google-ohttp-relay-join.fastly-edge.com/Hchrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://google-ohttp-relay-join.fastly-edge.com/Rchrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://photos.google.com?referrer=CHROME_NTPchrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://anglebug.com/6248chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://ogs.google.com/widget/callout?eom=1chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197327524.00001B0C013A4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://google-ohttp-relay-join.fastly-edge.com/Ychrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            http://anglebug.com/6929chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://google-ohttp-relay-join.fastly-edge.com/cchrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://anglebug.com/5281chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://www.youtube.com/?feature=ytcachrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://google-ohttp-relay-join.fastly-edge.com/fchrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://issuetracker.google.com/255411748msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://permanently-removed.invalid/oauth2/v4/tokenmsedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://anglebug.com/7246chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://anglebug.com/7369chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://anglebug.com/7489chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://docs.google.com/presentation/chrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://duckduckgo.com/?q=chrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://chrome.google.com/webstorechrome.exe, 00000007.00000003.2178823724.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000002.2412280652.000079D40236C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://drive-daily-2.corp.google.com/chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        http://polymer.github.io/PATENTS.txtchrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184429651.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184378272.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181592971.00001B0C01040000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184350976.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184453930.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://cdn.ecosia.org/assets/images/ico/favicon.icochrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=Handler.exe, 00000001.00000002.2665802894.0000000004511000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://issuetracker.google.com/161903006msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://www.ecosia.org/newtab/Handler.exe, 00000001.00000002.2665802894.00000000043D8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://drive-daily-1.corp.google.com/chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://www.youtube.com/chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://drive-daily-5.corp.google.com/chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://duckduckgo.com/favicon.icochrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://permanently-removed.invalid/chrome/blank.htmlmsedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://anglebug.com/3078chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://anglebug.com/7553chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                http://anglebug.com/5375chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://permanently-removed.invalid/v1/issuetokenmsedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://www.youtube.com/s/notifications/manifest/cr_install.htmlltchrome.exe, 00000007.00000003.2216806923.00001B0C01084000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      http://anglebug.com/5371chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        http://anglebug.com/4722chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://permanently-removed.invalid/reauth/v1beta/users/msedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://anglebug.com/7556chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&refHandler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://chromewebstore.google.com/msedge.exe, 0000000C.00000002.2412280652.000079D40236C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://drive-preprod.corp.google.com/chrome.exe, 00000007.00000003.2175060224.00001B0C004A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://t.me/w0ctznfc0stnMozilla/5.0Handler.exe, 00000001.00000002.2658080535.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477Handler.exe, 00000001.00000002.2667841600.00000000047CF000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://publickeyservice.pa.gcp.privacysandboxservices.comchrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://google-ohttp-relay-join.fastly-edge.com/&chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://google-ohttp-relay-join.fastly-edge.com/%chrome.exe, 00000007.00000003.2217550945.00001B0C01954000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217336901.00001B0C01934000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217900260.00001B0C01958000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217376478.00001B0C0193C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2217451206.00001B0C01950000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://html4/loose.dtdus0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://permanently-removed.invalid/RotateBoundCookiesmsedge.exe, 0000000C.00000003.2311003688.000079D40246C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2310777059.000079D402464000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://anglebug.com/6692chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://issuetracker.google.com/258207403msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://legalize.liveHandler.exe, 00000001.00000002.2661407306.0000000001457000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2665802894.000000000458E000.00000004.00000020.00020000.00000000.sdmp, Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                                      http://anglebug.com/3502chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        http://anglebug.com/3623msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://www.openssl.org/Vus0r9ri58y.exe, 00000016.00000003.2630141462.000000007EB44000.00000004.00001000.00020000.00000000.sdmp, us0r9ri58y.exe, 00000016.00000003.2632382700.000000007EB1A000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            http://anglebug.com/3625msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              http://anglebug.com/3624msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                http://anglebug.com/5007chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiHandler.exe, 00000001.00000002.2664676243.000000000410F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    http://anglebug.com/3862chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://chrome.google.com/webstoreLDDiscoverchrome.exe, 00000007.00000003.2179310396.00001B0C00338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2182820220.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2179335143.00001B0C00C80000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2187508937.00001B0C00C88000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184236676.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2183765544.00001B0C00338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178730407.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184023273.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178823724.00001B0C00D2C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://www.ecosia.org/search?q=&addon=opensearchchrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          http://anglebug.com/4836chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://issuetracker.google.com/issues/166475273msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              http://.cssus0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://ch.search.yahoo.com/favicon.icochrome.exe, 00000007.00000003.2179229642.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184725429.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2203140320.00001B0C00BB4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197727608.00001B0C00BB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  https://docs.google.com/document/d/1z2sdBwnUF2tSlhl3R2iUlk7gvmSbuLVXOgriPIcJkXQ/preview29chrome.exe, 00000007.00000003.2214480549.00001B0C0180C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    http://www.openssl.org/support/faq.htmlus0r9ri58y.exe, 00000016.00000003.2629157522.000000007ECF0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      https://msn.com/msedge.exe, 0000000C.00000002.2413301640.000079D402594000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        http://anglebug.com/4384chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                                          https://yachtingiturkey.com/CrypterTest1.exe#m~Handler.exe, 00000001.00000002.2661407306.0000000001473000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                                                          https://mail.google.com/mail/?tab=rm&amp;ogblchrome.exe, 00000007.00000003.2197613265.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2196820835.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                                            http://anglebug.com/3970chrome.exe, 00000007.00000003.2178439550.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178473761.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2178004291.00001B0C00390000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000C.00000003.2311449201.000079D402568000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                                              https://apis.google.comchrome.exe, 00000007.00000003.2189853954.00001B0C00294000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197138563.00001B0C0141C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                                https://support.mozilla.org/products/firefoxgro.allHandler.exe, 00000001.00000002.2669636427.00000000049EB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                                  http://polymer.github.io/CONTRIBUTORS.txtchrome.exe, 00000007.00000003.2181571065.00001B0C00FC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184429651.00001B0C00A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2180846337.00001B0C00EF4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184378272.00001B0C0078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181701205.00001B0C0100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184760970.00001B0C003B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181592971.00001B0C01040000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2185090898.00001B0C0120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184350976.00001B0C00C70000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184453930.00001B0C00F2C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2184915109.00001B0C01130000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2181612148.00001B0C00EB8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                                    https://labs.google.com/search?source=ntpchrome.exe, 00000007.00000003.2197613265.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2196820835.00001B0C01338000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197665566.00001B0C01354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197700202.00001B0C01438000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000007.00000003.2197156841.00001B0C0140C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                                      http://.jpgus0r9ri58y.exe, 00000016.00000000.2626785777.00000000008FF000.00000008.00000001.01000000.00000014.sdmpfalse
                                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                                        https://yachtingiturkey.com/Handler.exe, 00000001.00000002.2667841600.00000000046A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                                                                                        		unknown

                                                                                                                                                                                                                                                                        World Map of Contacted IPs

                                                                                                                                                                                                                                                                        • No. of IPs < 25%
                                                                                                                                                                                                                                                                        • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                        • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                        • 75% < No. of IPs

                                                                                                                                                                                                                                                                        Public IPs

                                                                                                                                                                                                                                                                        IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                        45.76.251.57
                                                                                                                                                                                                                                                                        		unknownUnited States
                                                                                                                                                                                                                                                                        		20473AS-CHOOPAUStrue
                                                                                                                                                                                                                                                                        116.203.164.230
                                                                                                                                                                                                                                                                        		legalize.liveGermany
                                                                                                                                                                                                                                                                        		24940HETZNER-ASDEtrue
                                                                                                                                                                                                                                                                        162.159.61.3
                                                                                                                                                                                                                                                                        		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                                                                        		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                        142.250.186.33
                                                                                                                                                                                                                                                                        		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                                                                        		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                        18.244.18.38
                                                                                                                                                                                                                                                                        		sb.scorecardresearch.comUnited States
                                                                                                                                                                                                                                                                        		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                        239.255.255.250
                                                                                                                                                                                                                                                                        		unknownReserved
                                                                                                                                                                                                                                                                        		unknownunknownfalse
                                                                                                                                                                                                                                                                        194.32.76.77
                                                                                                                                                                                                                                                                        		unknownGermany
                                                                                                                                                                                                                                                                        		202448MVPShttpswwwmvpsnetEUtrue
                                                                                                                                                                                                                                                                        216.58.206.78
                                                                                                                                                                                                                                                                        		play.google.comUnited States
                                                                                                                                                                                                                                                                        		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                        149.154.167.99
                                                                                                                                                                                                                                                                        		t.meUnited Kingdom
                                                                                                                                                                                                                                                                        		62041TELEGRAMRUfalse
                                                                                                                                                                                                                                                                        108.139.47.33
                                                                                                                                                                                                                                                                        		unknownUnited States
                                                                                                                                                                                                                                                                        		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                        172.64.41.3
                                                                                                                                                                                                                                                                        		unknownUnited States
                                                                                                                                                                                                                                                                        		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                        162.0.209.157
                                                                                                                                                                                                                                                                        		yachtingiturkey.comCanada
                                                                                                                                                                                                                                                                        		35893ACPCAfalse
                                                                                                                                                                                                                                                                        142.250.181.228
                                                                                                                                                                                                                                                                        		www.google.comUnited States
                                                                                                                                                                                                                                                                        		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                        Private

                                                                                                                                                                                                                                                                        IP
                                                                                                                                                                                                                                                                        192.168.2.4
                                                                                                                                                                                                                                                                        192.168.2.5
                                                                                                                                                                                                                                                                        127.0.0.1
                                                                                                                                                                                                                                                                        192.168.2.16
                                                                                                                                                                                                                                                                        192.168.2.23

                                                                                                                                                                                                                                                                        General Information

                                                                                                                                                                                                                                                                        Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                                        Analysis ID:1592136
                                                                                                                                                                                                                                                                        Start date and time:2025-01-15 20:15:08 +01:00
                                                                                                                                                                                                                                                                        Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                        Overall analysis duration:0h 15m 55s
                                                                                                                                                                                                                                                                        Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                        Report type:full
                                                                                                                                                                                                                                                                        Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                        Number of analysed new started processes analysed:27
                                                                                                                                                                                                                                                                        Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                        Number of existing processes analysed:0
                                                                                                                                                                                                                                                                        Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                        Number of injected processes analysed:0
                                                                                                                                                                                                                                                                        Technologies:
                                                                                                                                                                                                                                                                        • HCA enabled
                                                                                                                                                                                                                                                                        • EGA enabled
                                                                                                                                                                                                                                                                        • AMSI enabled
                                                                                                                                                                                                                                                                        Analysis Mode:default
                                                                                                                                                                                                                                                                        Sample name:Handler.exe
                                                                                                                                                                                                                                                                        Detection:MAL
                                                                                                                                                                                                                                                                        Classification:mal100.troj.spyw.evad.winEXE@75/222@51/18
                                                                                                                                                                                                                                                                        EGA Information:
                                                                                                                                                                                                                                                                        • Successful, ratio: 100%
                                                                                                                                                                                                                                                                        HCA Information:
                                                                                                                                                                                                                                                                        • Successful, ratio: 100%
                                                                                                                                                                                                                                                                        • Number of executed functions: 122
                                                                                                                                                                                                                                                                        • Number of non-executed functions: 7
                                                                                                                                                                                                                                                                        Cookbook Comments:
                                                                                                                                                                                                                                                                        • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                                        Warnings

                                                                                                                                                                                                                                                                        • Max analysis timeout: 600s exceeded, the analysis took too long
                                                                                                                                                                                                                                                                        • Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                                                                        • Excluded IPs from analysis (whitelisted): 199.232.210.172, 2.23.77.188, 142.250.186.131, 142.250.186.142, 64.233.184.84, 142.250.185.142, 142.250.186.67, 142.250.185.174, 216.58.212.138, 142.250.186.42, 142.250.185.74, 142.250.186.74, 142.250.74.202, 142.250.185.138, 216.58.206.74, 142.250.186.170, 142.250.185.106, 142.250.185.234, 142.250.184.234, 172.217.18.106, 142.250.185.170, 142.250.185.202, 216.58.212.170, 172.217.16.202, 172.217.18.14, 142.250.186.138, 172.217.18.10, 172.217.16.138, 142.250.181.234, 142.250.184.202, 142.250.186.106, 216.58.206.42, 13.107.42.16, 204.79.197.203, 13.107.21.239, 204.79.197.239, 142.250.185.238, 13.107.6.158, 20.82.9.214, 2.19.11.120, 2.19.11.100, 20.42.65.92, 88.221.110.179, 88.221.110.242, 2.21.65.132, 2.21.65.153, 2.16.241.162, 2.16.241.151, 13.74.129.1, 13.107.21.237, 204.79.197.237, 20.191.45.158, 104.208.16.88, 199.232.214.172, 142.250.80.3, 142.251.40.227, 142.251.40.131, 23.49.251.29, 23.49.251.31, 23.49.251.33, 23.49.251.24, 23.49.251.20, 23.49.251.7, 23.49.251.27
                                                                                                                                                                                                                                                                        • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, nav-edge.smartscreen.microsoft.com, www-bing-com.dual-a-0034.a-msedge.net, slscr.update.microsoft.com, a416.dscd.akamai.net, img-s-msn-com.akamaized.net, data-edge.smartscreen.microsoft.com, clientservices.googleapis.com, edgeassetservice.afd.azureedge.net, p-static.bing.trafficmanager.net, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, www.gstatic.com, l-0007.l-msedge.net, e28578.d.akamaiedge.net, iris-de-prod-azsc-v2-eus2.eastus2.cloudapp.azure.com, www.bing.com, assets.msn.com.edgekey.net, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, c-bing-com.dual-a-0034.a-msedge.net, ogads-pa.googleapis.com, prod-atm-wds-edge.trafficmanager.net, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, a1834.dscg2.akamai.net, onedsblobprdeus17.eastus.cloudapp.azu
                                                                                                                                                                                                                                                                        • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                        • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                        • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                                                                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                        Simulations

                                                                                                                                                                                                                                                                        Behavior and APIs

                                                                                                                                                                                                                                                                        TimeTypeDescription
                                                                                                                                                                                                                                                                        14:16:32API Interceptor1x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                                                                                        14:17:33API Interceptor33305611x Sleep call for process: us0r9ri58y.exe modified

                                                                                                                                                                                                                                                                        Joe Sandbox View / Context

                                                                                                                                                                                                                                                                        IPs

                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                        162.159.61.3Mbda Us.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                          Ticketmaster #U00c2#U0156300 Cash2356899.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                            possible SPAM## Msig Insurance Europe Complete via-Sign Monday January 2025.msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              Handler.exeGet hashmaliciousDanaBot, VidarBrowse
                                                                                                                                                                                                                                                                                JUbmpeT.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                  https://file2-cdn.creality.com/file/2e068bd90e233501c8036fb25c76e092/CrealityScan_win_3.3.4-20241030.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    mNPTwHOuvT.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                      1507513743282749438.jsGet hashmaliciousStrela DownloaderBrowse
                                                                                                                                                                                                                                                                                        https://youtube.com0x360x380x370x340x370x340x370x300x370x330x330x610x320x660x320x660x360x310x360x640x360x360x370x320x320x650x370x320x370x350x320x660x370x320x360x620x320x650x370x300x360x380x370x300x330x660x360x390x360x340x330x640x330x320x330x300x330x300x320x360x370x330x360x390x370x340x360x350x350x660x360x390x360x340x330x640x370x330x330x310x320x360x360x350x370x360x360x350x360x650x370x340x330x320x330x640x360x320x360x310x360x650x360x650x360x350x370x320x320x360x360x350x370x360x360x350x360x650x370x340x330x320x330x640x360x330x360x630x360x390x360x330x360x620x320x360x360x350x370x360x360x350x360x650x370x340x330x330x330x640x330x310x320x620x320x350x330x320x340x360x320x620x320x350x330x350x340x320x330x320x330x350x330x300x320x350x330x350x340x340x320x620x320x350x330x350x340x320x360x390x360x650x360x340x360x350x370x380x350x660x360x320x350x660x360x330x320x350x330x350x340x340x320x620x320x350x340x340x330x300x320x350x330x390x330x330x320x350x340x340x330x300x320x350x340x320x340x320x320x350x340x340x330x300x320x350x340x320x330x300x320x350x340x340x330x300x320x350x340x320x330x320x320x350x340x340x330x300x320x350x340x320x340x340x320x350x340x340x330x300x320x350x340x320x330x300x320x350x340x340x330x310x320x350x330x380x340x360x320x620x320x350x340x340x330x310x320x350x330x380x330x310x320x350x340x340x330x310x320x350x330x380x330x320x320x350x340x340x330x340x370x380x360x340x390x320x390x330x370x320x330x300x390x340x370x330x340x300x330x340x2d0x380x380x340x330x340x370x330x340x300x340x390x300x350x370x330x370x340x330x300x340x300x330x340x380x320x2d0x340x300x390x340x380x2d0x320x2d0x340x380x380x320x2d0x330x320x380x380x340x370x370x320x390x390x320x380x380x380x340x370x340x370x320x390x300x340x390x340x370x320x340x300x380x320x340x370x340x370x320x620x320x640x320x620x320x350x340x340x330x300x320x350x330x390x330x340x320x350x340x340x330x300x320x350x340x320x330x350x320x350x340x340x330x300x320x350x340x320x340x330x320x350x340x340x330x300x320x350x340x320x330x380x320x350x340x340x330x300x320x350x340x320x340x310x320x350x340x340x330Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          348426869538810128.jsGet hashmaliciousStrela DownloaderBrowse
                                                                                                                                                                                                                                                                                            45.76.251.57Handler.exeGet hashmaliciousDanaBot, VidarBrowse
                                                                                                                                                                                                                                                                                              UWYXurYZ2x.exeGet hashmaliciousLummaC, Amadey, Babadeda, DanaBot, KeyLogger, LummaC Stealer, Poverty StealerBrowse
                                                                                                                                                                                                                                                                                                239.255.255.250https://fingertip.com/incoming-documentGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                  https://www.google.com.tr/url?sa==SlzLhhFsJ7fGjpM8fvOAkm1z4KC&rct=fETOvblSpCqm85GTYKVdXKip5bkW26kcBgD7HeLR8E6psRE86jAuyRjA7fyhhYHpWk&sa=t&url=amp/sasaol.com/ccy/ptsd/vTd7ocRQy71kDqeKXneUsLH4CLz/YWxpc29uLnNtaXRoQHJic2ludC5jb20=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    https://52f1897b.5648702dd4d5255cab645104.workers.dev/?qrc=test@test.orgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                      http://www.schoolhouselearningcenter.net/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        https://52f1897b.5648702dd4d5255cab645104.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                          https://q89x88qh.r.ap-southeast-1.awstrack.me/L0/https:%2F%2Fblackdoor.in%2Fcazxccall%2Frtyucallingzxc%2F/1/010e01946a4fedf7-6a14e9da-4611-4b34-a7c5-f58f00519f0d-000000/p9HvzYrykwYBivTgZCa5Kf2-wBc=194Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            https://lgray785.wixsite.com/my-site-4Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                              0430tely.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                oD2XngYscZ.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  https://login.ecoleterradeasltd.xyz/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725581254870614.NzQzNDkzODMtOTc3Ni00MTk4LWEyOTgtNzcxOTE2NjUxYzRiMGVmZDU5N2MtN2U3NC00YjUwLTkxMzUtNTE5MGUwYzg1ZmQ2&ui_locales=en-US&mkt=en-US&client-request-id=36d4a1f6-7cba-45d1-a3ed-df92000d1eff&state=HfQ7BQGkYjqSuhdp0uw1pmK7OnWuMWuL6CrtRUQFTAqayUvi4HK2WHpRg3qXyBpviEzEkkPrHxRuxUPhbVJ6VT_z1Q4rknsdO1I1G8I0vvmCJKY1Jj17UvvXfl7rwwbByhZiSjZv4e0zjm8vBEwSjLmzdF29N_NteyY8M7drEpkBEAgCB0EoFXswqlG9707goDIQqjTpA0BHvdohyO5aj-tJFO1J-Wz2owkKr6bkCNZlxKE53oI2XKYpyD1GEC2x5jHgmT1f4Yrr9BPkhEeMCw&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    18.244.18.38kXzODlqJak.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                      cLm7ThwEvh.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        http://indyhumane.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                          https://hockey30.com/nouvelles/malaise-en-conference-de-presse-kent-hughes-envoie-un-message-cinglant-a-juraj-slafkovsky/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            Mes_Drivers_3.0.4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                              https://o365info.com/get-unlicensed-onedrive-accounts/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                                  25F.tmp.exeGet hashmaliciousDarkbotBrowse
                                                                                                                                                                                                                                                                                                                                    WSock.dllGet hashmaliciousRamnitBrowse
                                                                                                                                                                                                                                                                                                                                      Unlock_Tool_v2.6.5.exeGet hashmaliciousStealc, VidarBrowse

                                                                                                                                                                                                                                                                                                                                        Domains

                                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                        t.mehttps://ofmfy.icu/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        http://kfz.ear.mybluehost.me/Account/netflix/login/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 50.87.184.100
                                                                                                                                                                                                                                                                                                                                        Handler.exeGet hashmaliciousDanaBot, VidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        sysadmin.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        JUbmpeT.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        UWYXurYZ2x.exeGet hashmaliciousLummaC, Amadey, Babadeda, DanaBot, KeyLogger, LummaC Stealer, Poverty StealerBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        http://www.eovph.icu/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        http://www.eghwr.icu/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        https://wkybcnfuqpgjx.ltd/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        http://4q2j5y3.fat-fly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        chrome.cloudflare-dns.comTicketmaster #U00c2#U0156300 Cash2356899.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                        LN1lgDlZ8e.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                        possible SPAM## Msig Insurance Europe Complete via-Sign Monday January 2025.msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                        Handler.exeGet hashmaliciousDanaBot, VidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                        Collaboration-x64.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                        JUbmpeT.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                        3bSDIpSIdF.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                        3bSDIpSIdF.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                                        mNPTwHOuvT.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                        1507513743282749438.jsGet hashmaliciousStrela DownloaderBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                                        plus.l.google.comDEEZI80S.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 142.250.186.78
                                                                                                                                                                                                                                                                                                                                        https://drive.google.com/file/d/1dNrtjTqb59ZQTE3gUuVhSjEbFXuJRXW7/view?usp=sharing&ts=6786e61fGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 142.250.185.142
                                                                                                                                                                                                                                                                                                                                        http://arthistoryteachingresources.org/2015/02/talk-to-your-profbut-how/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 216.58.206.46
                                                                                                                                                                                                                                                                                                                                        http://sites.google.com/view/delta-1/home/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 216.58.206.46
                                                                                                                                                                                                                                                                                                                                        527.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 142.250.184.238
                                                                                                                                                                                                                                                                                                                                        527.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 216.58.206.78
                                                                                                                                                                                                                                                                                                                                        https://drive.google.com/file/d/1TF-huc4s6nOnHpT977ywO8Fj-NERebnm/view?usp=sharing_eip&ts=6786926eGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 142.250.184.238
                                                                                                                                                                                                                                                                                                                                        http://www.affordablehousing.com/MaineCWLGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 142.250.184.238
                                                                                                                                                                                                                                                                                                                                        NoticeOfPayment.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.217.16.206
                                                                                                                                                                                                                                                                                                                                        https://beinghunted.co.uk//#mark.seymour@capstonelogistics.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 216.58.212.174
                                                                                                                                                                                                                                                                                                                                        s-part-0012.t-0009.t-msedge.nethttps://securityalert-corporate.com/click/f288bff9-842d-4e34-8d2d-41ad20e48e9dGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        Debh Payment Detail.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        qI6cHJbHJg.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        https://bryf.atchirlisc.ru/EeMAGvIe/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        BWCStartMSI.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        taCCGTk8n1.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        vQu0zndLpi.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        mtbkkesfthae.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.107.246.40

                                                                                                                                                                                                                                                                                                                                        ASNs

                                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                        AMAZON-02UShttps://fingertip.com/incoming-documentGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 3.5.169.67
                                                                                                                                                                                                                                                                                                                                        https://q89x88qh.r.ap-southeast-1.awstrack.me/L0/https:%2F%2Fblackdoor.in%2Fcazxccall%2Frtyucallingzxc%2F/1/010e01946a4fedf7-6a14e9da-4611-4b34-a7c5-f58f00519f0d-000000/p9HvzYrykwYBivTgZCa5Kf2-wBc=194Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 52.74.136.124
                                                                                                                                                                                                                                                                                                                                        https://lgray785.wixsite.com/my-site-4Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 99.86.4.105
                                                                                                                                                                                                                                                                                                                                        New order BPD-003777.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.248.169.48
                                                                                                                                                                                                                                                                                                                                        QQE81XYXon.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 63.35.17.92
                                                                                                                                                                                                                                                                                                                                        PO -2025918.exeGet hashmaliciousFormBook, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.248.169.48
                                                                                                                                                                                                                                                                                                                                        txWVWM8Kx4.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 52.34.64.1
                                                                                                                                                                                                                                                                                                                                        hNgIvHRuTU.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 13.229.164.57
                                                                                                                                                                                                                                                                                                                                        https://docs.google.com/drawings/d/1Fix-5JDCTM2QJpjq3c_NOGTxMuhYRiEX3wdVSCqQc9w/preview?FwaxQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 18.245.46.111
                                                                                                                                                                                                                                                                                                                                        q4e7rZQEkL.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 54.76.228.176
                                                                                                                                                                                                                                                                                                                                        CLOUDFLARENETUShttps://fingertip.com/incoming-documentGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.67.40.50
                                                                                                                                                                                                                                                                                                                                        https://www.google.com.tr/url?sa==SlzLhhFsJ7fGjpM8fvOAkm1z4KC&rct=fETOvblSpCqm85GTYKVdXKip5bkW26kcBgD7HeLR8E6psRE86jAuyRjA7fyhhYHpWk&sa=t&url=amp/sasaol.com/ccy/ptsd/vTd7ocRQy71kDqeKXneUsLH4CLz/YWxpc29uLnNtaXRoQHJic2ludC5jb20=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.67.196.214
                                                                                                                                                                                                                                                                                                                                        https://52f1897b.5648702dd4d5255cab645104.workers.dev/?qrc=test@test.orgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 104.18.94.41
                                                                                                                                                                                                                                                                                                                                        http://www.schoolhouselearningcenter.net/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 104.17.25.14
                                                                                                                                                                                                                                                                                                                                        https://52f1897b.5648702dd4d5255cab645104.workers.dev/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 104.18.95.41
                                                                                                                                                                                                                                                                                                                                        https://q89x88qh.r.ap-southeast-1.awstrack.me/L0/https:%2F%2Fblackdoor.in%2Fcazxccall%2Frtyucallingzxc%2F/1/010e01946a4fedf7-6a14e9da-4611-4b34-a7c5-f58f00519f0d-000000/p9HvzYrykwYBivTgZCa5Kf2-wBc=194Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 104.17.25.14
                                                                                                                                                                                                                                                                                                                                        https://lgray785.wixsite.com/my-site-4Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.67.162.22
                                                                                                                                                                                                                                                                                                                                        New order BPD-003777.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                                        • 172.67.183.191
                                                                                                                                                                                                                                                                                                                                        main.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.135.232
                                                                                                                                                                                                                                                                                                                                        main old source new token.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 162.159.133.234
                                                                                                                                                                                                                                                                                                                                        HETZNER-ASDEna.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                        • 88.198.246.242
                                                                                                                                                                                                                                                                                                                                        New order BPD-003777.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                                        • 136.243.64.147
                                                                                                                                                                                                                                                                                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                        • 88.198.246.242
                                                                                                                                                                                                                                                                                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                        • 88.198.246.242
                                                                                                                                                                                                                                                                                                                                        PO -2025918.exeGet hashmaliciousFormBook, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                        • 136.243.64.147
                                                                                                                                                                                                                                                                                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                        • 88.198.246.242
                                                                                                                                                                                                                                                                                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                        • 88.198.246.242
                                                                                                                                                                                                                                                                                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                        • 88.198.246.242
                                                                                                                                                                                                                                                                                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                                        • 88.198.246.242
                                                                                                                                                                                                                                                                                                                                        https://yjdjraabb.cc.rs6.net/tn.jsp?f=001cD7EmEKntgjghgQWpq9s2lW_mstWA0PSxRR7i3h0LbK5HgiPx3gu3HduoBs_Rnxmx0i7FlZL9378mrMLd5LlF6GT3bXi2U8GDrXfdsc2qPaLW94j0wm6KbaRHgZvZZRsEDv_wILG0rjmaLTfE5xpKJl15r5SI1xPSSiQsd9YUqKeemOHvTBSlSwV6tHZZ755Z52-jrPWl0FY7ZZ-PKGQ_IxPzhJqeaH15y4Vkailf2jrOpi4MibpjQ==&c=wK30YrUWFPbHl2B1oEErLYSqPkydS65M2el3xt7vMb11ny4WQ0yJgQ==&ch=8IgRaXvzzpu7qgxKTkXdqoYWo2ml_yYytv3GcZQiibggV2wrl_cJAA==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 176.9.23.98
                                                                                                                                                                                                                                                                                                                                        AS-CHOOPAUSi686.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                        • 192.248.174.130
                                                                                                                                                                                                                                                                                                                                        xd.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                        • 44.169.169.76
                                                                                                                                                                                                                                                                                                                                        Reversed order 24-25.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 45.63.57.89
                                                                                                                                                                                                                                                                                                                                        MK9UBUl8t7.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 44.34.121.1
                                                                                                                                                                                                                                                                                                                                        i486.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 108.61.212.84
                                                                                                                                                                                                                                                                                                                                        Handler.exeGet hashmaliciousDanaBot, VidarBrowse
                                                                                                                                                                                                                                                                                                                                        • 45.76.251.57
                                                                                                                                                                                                                                                                                                                                        UWYXurYZ2x.exeGet hashmaliciousLummaC, Amadey, Babadeda, DanaBot, KeyLogger, LummaC Stealer, Poverty StealerBrowse
                                                                                                                                                                                                                                                                                                                                        • 45.76.251.57
                                                                                                                                                                                                                                                                                                                                        9d2h99wrj.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                                                                                                                                                        • 192.248.189.11
                                                                                                                                                                                                                                                                                                                                        Solara.exeGet hashmaliciousPython Stealer, Exela Stealer, XmrigBrowse
                                                                                                                                                                                                                                                                                                                                        • 80.240.16.67
                                                                                                                                                                                                                                                                                                                                        80P.exeGet hashmaliciousI2PRATBrowse
                                                                                                                                                                                                                                                                                                                                        • 207.246.88.73

                                                                                                                                                                                                                                                                                                                                        JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                        1138de370e523e824bbca92d049a3777QQE81XYXon.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        txWVWM8Kx4.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        f5mfkHLLVe.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        hNgIvHRuTU.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        2lX8Z3eydC.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        ACH REMITTANCE DOCUMENT 15.01.25.xlsbGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        Personliche Nachricht fur e4060738.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        https://clickme.thryv.com/ls/click?upn=u001.5dsdCa4YiGVzoib36gWoSPT0wVekqsfeOZRSaz9d28itE0eTxOetbwlGaCx05rQJywXo_UNbDpVWBvKTmUslwem1E0EC2Cp68hMzvjQfllUT9E4DZqDf2uiRmAk3QSMceJiv-2FShXGXSXiT9Fl37dFQYscKLxEMcTJj4tm5gMav6Ov9aRXzCg4yzvno75Wb80hSd5kw8Ua5r4R2pwCFTS4zDFYiEkWB-2BYk1VUWtpkJwb9IQIMAq1SSLT005wiJ2XiGw1jPEr6v61MJQRnC7AeLVtxYgqGlydBoPFbs1IP04-2BxPajuRI3fTsnzWZ9ty3RasYpwuqdrF0E8VoyYkggeeLEm9ENK69uYTCVHWHpxCPkzirQSIkvpt5FNZojg491ibS35IgO0LPU5gnpEaeaUj4-2BZoFUHIAAzMMy-2BYqsZ9F9Ldu1c-3D#XGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        NLWfV87ouS.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        330tqxXVzm.dllGet hashmaliciousWannacryBrowse
                                                                                                                                                                                                                                                                                                                                        • 23.1.237.91
                                                                                                                                                                                                                                                                                                                                        37f463bf4616ecd445d4a1937da06e19BNXCXCJSD.jseGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        setup.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        00.ps1Get hashmaliciousPureCrypter, LummaC, LummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        00.ps1Get hashmaliciousPureCrypter, LummaC, LummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        Inquiry.jsGet hashmaliciousPXRECVOWEIWOEI StealerBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        138745635-72645747.116.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        2834573-3676874985.02.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        regsvr.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157
                                                                                                                                                                                                                                                                                                                                        0dsIoO7xjt.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        • 116.203.164.230
                                                                                                                                                                                                                                                                                                                                        • 149.154.167.99
                                                                                                                                                                                                                                                                                                                                        • 162.0.209.157

                                                                                                                                                                                                                                                                                                                                        Dropped Files

                                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exeHandler.exeGet hashmaliciousDanaBot, VidarBrowse
                                                                                                                                                                                                                                                                                                                                          C:\ProgramData\us0r9ri58y.exeHandler.exeGet hashmaliciousDanaBot, VidarBrowse

                                                                                                                                                                                                                                                                                                                                            Created / dropped Files

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\2dtjeu

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):159744
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                                                                                                                            MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                                                                                                                            SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                                                                                                                            SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                                                                                                                            SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\3oh479

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.2650875730544462
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:384:8/2qOB1nxCkMzSAELyKOMq+8yC8F/YfU5m+OlTLVumI:Bq+n0Jz9ELyKOMq+8y9/Owb
                                                                                                                                                                                                                                                                                                                                            MD5:69CD08558BD8F3852C76EC7C0F4B062B
                                                                                                                                                                                                                                                                                                                                            SHA1:776FFCA6892DFBF5E9433AF417B4BD7D7AF47BB2
                                                                                                                                                                                                                                                                                                                                            SHA-256:3CA695F4AEBEEC44BCE4ABDB72B54A377F9076433870D3E9C21A18DD90E60498
                                                                                                                                                                                                                                                                                                                                            SHA-512:FBB362118DD1C6312C58EDF69787FF9595DB5AA17E17C572C884C5A38186769BAF3A45D6505B1AC4FC190CD2D7BCB935A14610849D73F8FA0BD5461C123E452B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\6xb1d2

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (1743), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):9504
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.512408163813622
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:nnPOeRnWYbBp6RJ0aX+H6SEXKxkHWNBw8D4Sl:PeegJUaJHEw90
                                                                                                                                                                                                                                                                                                                                            MD5:1191AEB8EAFD5B2D5C29DF9B62C45278
                                                                                                                                                                                                                                                                                                                                            SHA1:584A8B78810AEE6008839EF3F1AC21FD5435B990
                                                                                                                                                                                                                                                                                                                                            SHA-256:0BF10710C381F5FCF42F9006D252E6CAFD2F18840865804EA93DAA06658F409A
                                                                                                                                                                                                                                                                                                                                            SHA-512:86FF4292BF8B6433703E4E650B6A4BF12BC203EF4BBBB2BC0EEEA8A3E6CC1967ABF486EEDCE80704D1023C15487CC34B6B319421D73E033D950DBB1724ABADD5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "9e34c6e7-cbed-40a0-ba63-35488e171013");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696426836);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696426837);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\hlnohdjeu

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):40960
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                                                            MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                                                                            SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                                                                            SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                                                                            SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\l6xlf3

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):155648
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                                                                                                                            MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                                                                                                                            SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                                                                                                                            SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                                                                                                                            SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\my58gd

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.136413900497188
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
                                                                                                                                                                                                                                                                                                                                            MD5:429F49156428FD53EB06FC82088FD324
                                                                                                                                                                                                                                                                                                                                            SHA1:560E48154B4611838CD4E9DF4C14D0F9840F06AF
                                                                                                                                                                                                                                                                                                                                            SHA-256:9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
                                                                                                                                                                                                                                                                                                                                            SHA-512:1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\phvaas

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                                                                            MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                                                                            SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                                                                            SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                                                                            SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\q9rqqqq1d

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):51200
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                                                                            MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                                                                            SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                                                                            SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                                                                            SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\8q9zu\u37g4w

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 2, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):294912
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.08438200565341271
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:5va0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23v4U:51zkVmvQhyn+Zoz67NU
                                                                                                                                                                                                                                                                                                                                            MD5:F7EEE7B0D281E250D1D8E36486F5A2C3
                                                                                                                                                                                                                                                                                                                                            SHA1:309736A27E794672BD1BDFBAC69B2C6734FC25CE
                                                                                                                                                                                                                                                                                                                                            SHA-256:378DD46FE8A8AAC2C430AE8A7C5C1DC3C2A343534A64A263EC9A4F1CE801985E
                                                                                                                                                                                                                                                                                                                                            SHA-512:CE102A41CA4E2A27CCB27F415D2D69A75A0058BA0F600C23F63B89F30FFC982BA48336140714C522B46CC6D13EDACCE3DF0D6685D02844B8DB0AD3378DB9CABB
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:SQLite format 3......@ ..........................................................................j......z<.{...{.{a{.z.z<z.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Handler.exe_2ca2a4bd7f8cfe36afcf579a0875d5350a54f62_d95619b5_ff365293-c14f-495a-b65d-aaa38505eb94\Report.wer

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.9048022518672725
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:RToFaDss00ostgKjTOAqyS3QXIDcQlc6VcEdcw3t+BHUHZ0ownOgHkEwH3dEFWvo:RkMos00oTA0LR3ca2OzuiFKZ24IO8I
                                                                                                                                                                                                                                                                                                                                            MD5:168D6A3AF73CF66418F27D53B758426D
                                                                                                                                                                                                                                                                                                                                            SHA1:8E0482FC4FB8075F1F4441DD796DE728BE488B2C
                                                                                                                                                                                                                                                                                                                                            SHA-256:64D687CD8299F2E219C93C8F3A6E2A24C657A93EB8891E7B624EEB9EAF22AE83
                                                                                                                                                                                                                                                                                                                                            SHA-512:2CFFC145334B2538E4E1FEE4AFD3DD1A4D68C339CEF34CEDF915965FAF8FD078AE7B49A3EE0F4DDBE195C40FEE8BAB51C9B7225570638D9D1042D74BFDF8C774
                                                                                                                                                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                                                                                                                                                            Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.8.1.4.4.2.1.6.2.5.7.1.5.6.9.5.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.8.1.4.4.2.1.6.3.2.5.9.0.6.5.3.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.f.f.3.6.5.2.9.3.-.c.1.4.f.-.4.9.5.a.-.b.6.5.d.-.a.a.a.3.8.5.0.5.e.b.9.4.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.e.7.d.8.a.c.6.8.-.8.9.c.4.-.4.7.1.3.-.8.4.4.a.-.1.8.c.3.5.f.5.d.8.8.f.8.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.H.a.n.d.l.e.r...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.H.a.n.d.l.e.r...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.0.b.4.-.0.0.0.1.-.0.0.1.4.-.1.0.a.6.-.5.0.e.a.8.1.6.7.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.1.b.7.6.0.a.9.d.a.9.4.f.1.f.3.a.d.5.1.8.8.d.7.a.e.e.2.1.7.d.4.7.0.0.0.0.0.0.0.0.!.0.0.0.0.1.e.1.9.3.8.3.2.d.a.5.0.5.b.7.4.1.6.f.0.1.a.1.0.8.e.1.3.4.d.4.c.f.b.5.6.f.6.e.5.!.H.a.n.

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\Microsoft\Windows\WER\Temp\WERD9CE.tmp.dmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Mini DuMP crash report, 15 streams, Wed Jan 15 19:16:02 2025, 0x1205a4 type
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):165080
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.9251641448463066
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:2+mWFBpN4uE2aOESVXJbLTgTAp52TACDthWtTvgf9uBojRkR8:2+H4uEqEytLTgsC4kkR
                                                                                                                                                                                                                                                                                                                                            MD5:213E47D610CC43BAEEDC29A169884EFE
                                                                                                                                                                                                                                                                                                                                            SHA1:DA4D07A1C67CFD10F2DB2AC161571666033D313D
                                                                                                                                                                                                                                                                                                                                            SHA-256:45AE54BE70D93615C18205649C3BFE8498614364DC78E66657AB00101478D8E6
                                                                                                                                                                                                                                                                                                                                            SHA-512:CC8EEAEC55D3EE717DCFB96857347C34B8E3D501F92BBF6C2CC0A266B6BCFF22CB7D94C8BB42D0229F2AEDC471F208A2DB51E9384650F6FE44EB118D092FC3D3
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:MDMP..a..... .......r..g....................................$...........$...N0..........`.......8...........T...........($...`..........8...........$...............................................................................eJ..............GenuineIntel............T...........q..g.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\Microsoft\Windows\WER\Temp\WERDB08.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                            File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):8376
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.690293982927877
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:R6l7wVeJu869fe6YEIESU9rSq5gmf6VJGTpr089bvIsfnFm:R6lXJ1686YE7SU9rSq5gmf6VJGvv7fI
                                                                                                                                                                                                                                                                                                                                            MD5:B7753C56A72BEA854C51BBC11619E9BB
                                                                                                                                                                                                                                                                                                                                            SHA1:58783701111F3CEB8DBB05058A8458574E273C1E
                                                                                                                                                                                                                                                                                                                                            SHA-256:594642E0F31291C3917F7AFC3A3E8E65E745109F8EBB8246E72132F46EF9EDDF
                                                                                                                                                                                                                                                                                                                                            SHA-512:12CC1556BCDAA0306008C7B04D4EBC56A9B09386ECF8561E157E06235EEDEC0F1FF2DF934853B32432424F69CD27D402F6D63CFFFCDE5FE7DE145C23BABEA66C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.4.2.7.6.<./.P.i.

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\Microsoft\Windows\WER\Temp\WERDB47.tmp.xml

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                            File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):4735
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.434592261779216
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:cvIwWl8zs7Jg77aI9s/WpW8VYrYm8M4JEdxPcf6Fc+q8vXdxPcfvQVempDwMQd:uIjfVI7yu7VHJ1fbKwfvQVempLQd
                                                                                                                                                                                                                                                                                                                                            MD5:782EE2760A9350F58341DF882FD7D430
                                                                                                                                                                                                                                                                                                                                            SHA1:723B3933BB36458FCA67DEB0E3643F7EDFC7E156
                                                                                                                                                                                                                                                                                                                                            SHA-256:7534585012BE51F07D6603F6B04C69AB5DDBA749E7172BAB2106F715844D6073
                                                                                                                                                                                                                                                                                                                                            SHA-512:84A8712D2E5B8E64063CC6F99D2627751945EEE28189CE6CB3CA9F19957B1F83B7042943EC8880BF0E252DD132E6B43C1A001A94043D650E519267CF8C59E10E
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="677418" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                                                                                                                            C:\ProgramData\us0r9ri58y.exe

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):5768704
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.177310372869276
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:98304:2FcDb7q6XFlbwH09km8Wr+fPML/qDTdfGY8vCl6wv:h3u6XvbwU/8Wr+MLcpOns6w
                                                                                                                                                                                                                                                                                                                                            MD5:0A6AE4DE16757CD121632BAD3A903EDA
                                                                                                                                                                                                                                                                                                                                            SHA1:D6F1E5B9E94CB3F29873CD935356F586858A9FE7
                                                                                                                                                                                                                                                                                                                                            SHA-256:3454A44D19DA21B765B39886811918F59092CD9B1D0FCD9020F9779283B27B74
                                                                                                                                                                                                                                                                                                                                            SHA-512:E08BA43ABFC5494AA01EE3006656D1F6ADC70403EAFB38705C79104F52AAD1C7FEC619DCA06F8EFBB1128A15C6895BE4FDDA7A0552598DC87CAA34484EEE9966
                                                                                                                                                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                                                                                                                                                            Yara Hits:
                                                                                                                                                                                                                                                                                                                                            • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: C:\ProgramData\us0r9ri58y.exe, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                            • Rule: JoeSecurity_DanaBot_stealer_dll, Description: Yara detected DanaBot stealer dll, Source: C:\ProgramData\us0r9ri58y.exe, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                            • Rule: INDICATOR_SUSPICIOUS_GENInfoStealer, Description: Detects executables containing common artifcats observed in infostealers, Source: C:\ProgramData\us0r9ri58y.exe, Author: ditekSHen
                                                                                                                                                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                                                                                                                                                            • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                                                                            • Antivirus: ReversingLabs, Detection: 83%
                                                                                                                                                                                                                                                                                                                                            Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                            • Filename: Handler.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                            Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L.....g..................O..6......D.O.......O...@...........................Y..................@....................T......`T..A....X..X....................T...............................T.....................PmT.......T......................text....O.......O................. ..`.itext..`.....O.......O............. ..`.data.........O.......O.............@....bss..........S..........................idata...A...`T..B....S.............@....didata.......T.......S.............@....edata........T.......S.............@..@.tls....(.....T..........................rdata..\.....T.......S.............@..@.reloc........T.......S.............@..B.rsrc....X....X..X....W.............@..@..............Y.......X.............@..@................

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0f39f77b-d60b-4c1b-b504-a302887155f2.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:modified
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44616
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.096258108426558
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkB4wu3hDO6vP6OVxt5GcMVYQwN1cGoup1Xl3jVzXr2:z/Ps+wsI7ynEP618Mchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:DA0D0B4DC3959138548C5399FC5615A2
                                                                                                                                                                                                                                                                                                                                            SHA1:ADFA465ED6DB9AC7E92F3491E12384DBA2BABE2B
                                                                                                                                                                                                                                                                                                                                            SHA-256:5EE7298AD1A4676E4F39D5A2CD91ED8597B2CBE6497E650B2B8100313B1C73D2
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4FEDC04B76480E0469217B059B8A80733BAC30D87250BE066D1CB5DBF803D5B992690D251123B1CFCE7DB640A1F7DEAFA1019F40A59A4558BEED898C3111B29
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0f5e236a-cba9-4881-aec9-f15aceea1400.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):45757
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090594254405012
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:mMkbJ6eg6KzhXRLrD92I8uUhDO6vP6OVxt5G4/nH3dF4HXsAv8CAo9Goup1Xl3jX:mMk16zRRvD92i618DXORo9hu3VlXr4C
                                                                                                                                                                                                                                                                                                                                            MD5:A640899BF74BDB56252CDFA4B1D2AE7F
                                                                                                                                                                                                                                                                                                                                            SHA1:BCD888A69F0CB1C97099C7FA30FE30E326E8CB72
                                                                                                                                                                                                                                                                                                                                            SHA-256:897570E8C10FAD4324B94765AFEE66176EC7A3424E36FE186BC37E0033C8A734
                                                                                                                                                                                                                                                                                                                                            SHA-512:F631940B482146DC43EFBA0997C76107528F091C90007A22369FD125FE529AC532D5CD07EA86A7F740670F89970B2689009AAD97F00ED5E34FBA52D1C6645DC9
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3425500e-dd2f-4107-b310-fad53e5252d7.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):45804
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090400495913324
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:mMkbJ6eg6KzhXRLrD92X8uUhDO6vP6OVxt5G4/nH3dF4HXsAv8CAo9Goup1Xl3jX:mMk16zRRvD92R618DXORo9hu3VlXr4C
                                                                                                                                                                                                                                                                                                                                            MD5:AFE388EFA52BB43211F68C9B7143BD8B
                                                                                                                                                                                                                                                                                                                                            SHA1:BF7720D7D9F6A26DD38DEB56B46957C15539F51E
                                                                                                                                                                                                                                                                                                                                            SHA-256:23BE2C488DFCAA5147D808664242964813129B6A5097BE7635DDA71F40401FDA
                                                                                                                                                                                                                                                                                                                                            SHA-512:1809BFB07D62A65CAAD809F8514ACD1AB716E59FC35EA795CFC2C6B4845B7C6177E5A18268ADF49F07A57C7F52B56F374D7923E5B0200B7534EB6830BFB5C41F
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\68b6b2d9-1e2f-4305-9f53-ff2129240dc1.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44616
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.096258108426558
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkB4wu3hDO6vP6OVxt5GcMVYQwN1cGoup1Xl3jVzXr2:z/Ps+wsI7ynEP618Mchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:DA0D0B4DC3959138548C5399FC5615A2
                                                                                                                                                                                                                                                                                                                                            SHA1:ADFA465ED6DB9AC7E92F3491E12384DBA2BABE2B
                                                                                                                                                                                                                                                                                                                                            SHA-256:5EE7298AD1A4676E4F39D5A2CD91ED8597B2CBE6497E650B2B8100313B1C73D2
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4FEDC04B76480E0469217B059B8A80733BAC30D87250BE066D1CB5DBF803D5B992690D251123B1CFCE7DB640A1F7DEAFA1019F40A59A4558BEED898C3111B29
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\709f16c5-3346-47df-b727-389198877ad3.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):45881
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090350400459848
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:mMkbJ6eg6KzhXRLrMo2X8uUhDO6vP6OVxt5GM/nH3dF4HXsAv8CAo9Goup1Xl3jX:mMk16zRRvMo2R618PXORo9hu3VlXr4C
                                                                                                                                                                                                                                                                                                                                            MD5:4D17DBCD3F748B4C2ED3669605619D13
                                                                                                                                                                                                                                                                                                                                            SHA1:297182280EF319659364B42C2A09D1E92C210E48
                                                                                                                                                                                                                                                                                                                                            SHA-256:DDFE9826635668DE516F7258B181835D28B740A13FF29AADB395FA68745DF289
                                                                                                                                                                                                                                                                                                                                            SHA-512:966F4894DC3542B1833A755F96129209197E0582833716E78A1E4BFD12C2177765063F7FB20486E67C689C2E8AA9FDB3B7F5C24C3D6954665A795E6A02CCF446
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\83629362-0169-40a3-a7d4-f9c31a3c713b.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):45881
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090348095235239
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:mMkbJ6eg6KzhXRLrM92X8uUhDO6vP6OVxt5GM/nH3dF4HXsAv8CAo9Goup1Xl3jX:mMk16zRRvM92R618PXORo9hu3VlXr4C
                                                                                                                                                                                                                                                                                                                                            MD5:F2F057A1FF419FA786B7BB70CF57AE41
                                                                                                                                                                                                                                                                                                                                            SHA1:19D0D9A7AEDA8625958C39FD31A4BA3B3C98584A
                                                                                                                                                                                                                                                                                                                                            SHA-256:E5E03B2E14954AD3076F6871426B171F969769D2B5B1ADF90A1C7AE234DEF220
                                                                                                                                                                                                                                                                                                                                            SHA-512:DE9244E066725101DADC8B737650DF94BD8DEA9DF36C5BEC70A2E9882E0FB2571729FD8E9C0AD0291492CFB4DFC581C17AF8A0CD511C13CB4FB224F08FB2C3ED
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\01954b75-00ed-42f3-b61b-fcb8475e8145.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):107893
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.640150861192053
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7A:fwUQC5VwBIiElEd2K57P7A
                                                                                                                                                                                                                                                                                                                                            MD5:B04D1201B7C983202CB8DEB5EABAB9D5
                                                                                                                                                                                                                                                                                                                                            SHA1:34804867487524FDFEEE1566462AAFBFB9CBD953
                                                                                                                                                                                                                                                                                                                                            SHA-256:542BC74CB247AB6047F9C5D54BAF615509B66795537EF501D50311F96B40A536
                                                                                                                                                                                                                                                                                                                                            SHA-512:850CF9734C1A893D31BEB4979B5ACB9D84728E72DE0C98E6F743BFFA361625622058339456209E64FC11FC7C817F5237FBE7EC0A3FF47DD76FDC8239615AE003
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):107893
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.640150861192053
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7A:fwUQC5VwBIiElEd2K57P7A
                                                                                                                                                                                                                                                                                                                                            MD5:B04D1201B7C983202CB8DEB5EABAB9D5
                                                                                                                                                                                                                                                                                                                                            SHA1:34804867487524FDFEEE1566462AAFBFB9CBD953
                                                                                                                                                                                                                                                                                                                                            SHA-256:542BC74CB247AB6047F9C5D54BAF615509B66795537EF501D50311F96B40A536
                                                                                                                                                                                                                                                                                                                                            SHA-512:850CF9734C1A893D31BEB4979B5ACB9D84728E72DE0C98E6F743BFFA361625622058339456209E64FC11FC7C817F5237FBE7EC0A3FF47DD76FDC8239615AE003
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3::
                                                                                                                                                                                                                                                                                                                                            MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                                            SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                                            SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                                            SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3::
                                                                                                                                                                                                                                                                                                                                            MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                                            SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                                            SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                                            SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):280
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.132041621771752
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:FiWWltlApdeXKeQwFMYLAfJrAazlYBVP/Sh/JzvPWVcRVEVg3WWD5x1:o1ApdeaEqYsMazlYBVsJDu2ziy5
                                                                                                                                                                                                                                                                                                                                            MD5:845CFA59D6B52BD2E8C24AC83A335C66
                                                                                                                                                                                                                                                                                                                                            SHA1:6882BB1CE71EB14CEF73413EFC591ACF84C63C75
                                                                                                                                                                                                                                                                                                                                            SHA-256:29645C274865D963D30413284B36CC13D7472E3CD2250152DEE468EC9DA3586F
                                                                                                                                                                                                                                                                                                                                            SHA-512:8E0E7E8CCDC8340F68DB31F519E1006FA7B99593A0C1A2425571DAF71807FBBD4527A211030162C9CE9E0584C8C418B5346C2888BEDC43950BF651FD1D40575E
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:sdPC......................X..<EE..r/y..."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\40cb594c-34d8-4d47-8feb-a9df9fcf409e.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):40504
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.5608549071481965
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:gPz08N7pLGLhWUWP99f668F1+UoAYDCx9Tuqh0VfUC9xbog/OVqnkbKV5rwty+Sw:gPz087chWUWP99f66u1jannkuVKtys6M
                                                                                                                                                                                                                                                                                                                                            MD5:464001CD9302B0DD862694DE4EDFE993
                                                                                                                                                                                                                                                                                                                                            SHA1:138A5005E305436BAFA9A3F72B5CB872F678D4C4
                                                                                                                                                                                                                                                                                                                                            SHA-256:5433347A9E238DC6905C1AABA6AC770E965283123D296CA2E87ED7FE182956AB
                                                                                                                                                                                                                                                                                                                                            SHA-512:00C42ECA0153BA5D68F29A395396F27F3EFFD75F17386FA0DD25351E4B60770515C4B56849E77CE0148382F96D90A28849AB7C4A97D7F41D25B9230440490245
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13381442186803306","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13381442186803306","location":5,"ma

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\90778258-f5b3-4fdf-a6b9-8317abc6c53a.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):26889
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.575965950398691
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:g2N06UWP99fH68F1+UoAYDCx9Tuqh0VfUC9xbog/OVMnJbKG5rwmApWtuV:g2N06UWP99fH6u1jahnJuGKMtK
                                                                                                                                                                                                                                                                                                                                            MD5:4CC83F9CCA7192F8414D24B0F30721A5
                                                                                                                                                                                                                                                                                                                                            SHA1:9ADD1396C109CD0D63AB95AD5B06D84B16BD6FC3
                                                                                                                                                                                                                                                                                                                                            SHA-256:FCCB636D53413800D207E9403163F0628CBD1212B12A1A6D27D335B96CD8EE2E
                                                                                                                                                                                                                                                                                                                                            SHA-512:C5A03D4585DBB40B5E2E93F6EC64F0C13F2DD4247364659FD9929782855127246B996B54947B7E7EC926A9AA764D3C8E6FC88A53434317BE3F9BD24051653E19
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13381442186803306","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13381442186803306","location":5,"ma

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\99eb968e-220a-4228-9c26-5f51a462b4d7.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10531
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.213135259410048
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:strkdp3sOvsZihKyb5+ka+G28ybV+FaloQwT66WoaFIMYqPuYJ:strQ3sOvfhKyb5RbGzQwe6WoaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:D342BAC3CCBC23AE7EA9A1040952EB06
                                                                                                                                                                                                                                                                                                                                            SHA1:DB9CCDC7AA98E14FABB0E8E4E5D4CE422A2B0B32
                                                                                                                                                                                                                                                                                                                                            SHA-256:EE384B5C5992F5F446D53DE39FF92D288F63D51D9B70D05DDD1A48D4F6523B55
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4BDCC98E2EFC060793EFF54AF93E13560A6A07D5FE2B32BF3254CD74F1C7439D9A159CFC08E0FB971079B16870D4E2C098B64198397F1E895FD35BA13FB2720
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):16
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):16
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):41
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                            MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                            SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                            SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                            SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:modified
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2163821
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.222875220647078
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24576:v+/PN8FTfI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:v+/PN8Rfx2mjF
                                                                                                                                                                                                                                                                                                                                            MD5:53976C7BD3B0EDB08E7B04D5E9194459
                                                                                                                                                                                                                                                                                                                                            SHA1:7858B4F7AF18C03274F333D5BA24ECBA4F5EE203
                                                                                                                                                                                                                                                                                                                                            SHA-256:2C045DAFD78D9F95D2E7EF885E4D692F7DCFD325FC58CD096EFC7B5BFAFF888E
                                                                                                                                                                                                                                                                                                                                            SHA-512:BB7D8C3146A572215B614DCCCB7CFF1702B94613FACC71C3D5D87E3F80F5823F1C1FAB2F181B899EB4E51C20C5EB7D91E1B893BD3BC253E2EA9CA8465E67C92B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):358
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.115530769819553
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6:iOJXiM+q2P923oH+Tcwt9Eh1tIFUtPcEmZmwtfLf0P1lLLfxhR2SVP:71+v4Yeb9Eh16FUtUEm/FYTLoSh
                                                                                                                                                                                                                                                                                                                                            MD5:3A47925F784EAB31EDE53A5250A0E075
                                                                                                                                                                                                                                                                                                                                            SHA1:A506C0DB0FA9ED128CBA84568EFFA403363D41FC
                                                                                                                                                                                                                                                                                                                                            SHA-256:6BAE4DCEE3B1B3987030A5C3924F7287D2EBB4254A25D196E0BBFD02DEA45942
                                                                                                                                                                                                                                                                                                                                            SHA-512:BFCF91F7DC9F9142339C20CC9FCFD60B78798420381274ECF176589310775E8C25C5F5F240E08121FA9A69CDEB7EFE0CFCD703B42B00BB2D136439809AA83495
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:2025/01/15-14:19:27.007 1cac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/01/15-14:19:27.011 1cac Recovering log #3.2025/01/15-14:19:27.031 1cac Level-0 table #3: started.2025/01/15-14:19:27.217 1cac Level-0 table #3: 739857 bytes OK.2025/01/15-14:19:27.227 1cac Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):358
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.115530769819553
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6:iOJXiM+q2P923oH+Tcwt9Eh1tIFUtPcEmZmwtfLf0P1lLLfxhR2SVP:71+v4Yeb9Eh16FUtUEm/FYTLoSh
                                                                                                                                                                                                                                                                                                                                            MD5:3A47925F784EAB31EDE53A5250A0E075
                                                                                                                                                                                                                                                                                                                                            SHA1:A506C0DB0FA9ED128CBA84568EFFA403363D41FC
                                                                                                                                                                                                                                                                                                                                            SHA-256:6BAE4DCEE3B1B3987030A5C3924F7287D2EBB4254A25D196E0BBFD02DEA45942
                                                                                                                                                                                                                                                                                                                                            SHA-512:BFCF91F7DC9F9142339C20CC9FCFD60B78798420381274ECF176589310775E8C25C5F5F240E08121FA9A69CDEB7EFE0CFCD703B42B00BB2D136439809AA83495
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:2025/01/15-14:19:27.007 1cac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/01/15-14:19:27.011 1cac Recovering log #3.2025/01/15-14:19:27.031 1cac Level-0 table #3: started.2025/01/15-14:19:27.217 1cac Level-0 table #3: 739857 bytes OK.2025/01/15-14:19:27.227 1cac Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old~RF647aa.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):358
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.115530769819553
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6:iOJXiM+q2P923oH+Tcwt9Eh1tIFUtPcEmZmwtfLf0P1lLLfxhR2SVP:71+v4Yeb9Eh16FUtUEm/FYTLoSh
                                                                                                                                                                                                                                                                                                                                            MD5:3A47925F784EAB31EDE53A5250A0E075
                                                                                                                                                                                                                                                                                                                                            SHA1:A506C0DB0FA9ED128CBA84568EFFA403363D41FC
                                                                                                                                                                                                                                                                                                                                            SHA-256:6BAE4DCEE3B1B3987030A5C3924F7287D2EBB4254A25D196E0BBFD02DEA45942
                                                                                                                                                                                                                                                                                                                                            SHA-512:BFCF91F7DC9F9142339C20CC9FCFD60B78798420381274ECF176589310775E8C25C5F5F240E08121FA9A69CDEB7EFE0CFCD703B42B00BB2D136439809AA83495
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:2025/01/15-14:19:27.007 1cac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/01/15-14:19:27.011 1cac Recovering log #3.2025/01/15-14:19:27.031 1cac Level-0 table #3: started.2025/01/15-14:19:27.217 1cac Level-0 table #3: 739857 bytes OK.2025/01/15-14:19:27.227 1cac Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):16
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):375520
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.35411794220153
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6144:oA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:oFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                                                                            MD5:A4A480D6AF00AC1D639FB802AEC4BADD
                                                                                                                                                                                                                                                                                                                                            SHA1:E62D297E911706C56F2C97F0D6E78E15A1DCD7E6
                                                                                                                                                                                                                                                                                                                                            SHA-256:A458BFAEB053FBF700B5CEC0BAE271A6F2DA8535EE13027FF72B8A2FB129166F
                                                                                                                                                                                                                                                                                                                                            SHA-512:B0FEB48E4249BD23260D94159BAB9B2BD05DBD73EC9916E17A7F8254957CB448C1D5DC59034F955103B6A95B846C08FA96C1A9DBADB2622C0F724C656FBB57EF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:...m.................DB_VERSION.1I..Iq...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13381442195351466..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):16
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):311
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.165631290510984
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6:iOJcvU21923oH+Tcwtk2WwnvB2KLl/ccDM+q2P923oH+Tcwtk2WwnvIFUv:7nYebkxwnvFLVM+v4YebkxwnQFUv
                                                                                                                                                                                                                                                                                                                                            MD5:10E027B1E4A84F344B2CF480138398B4
                                                                                                                                                                                                                                                                                                                                            SHA1:F0F9FC0F3DC6E673775604DDC447810F294386BC
                                                                                                                                                                                                                                                                                                                                            SHA-256:562DC408F22588DABD30BA4E3C8B014E3A31EFD29C10B2B46E7B0C294A3827A4
                                                                                                                                                                                                                                                                                                                                            SHA-512:B86DC70BD8AB0DD91D9786B7C8B38185A0F2AD6AFFA640F21B3175FB54EC1934D3CB9BA0ED1E0DFD1F86282436CDF2BD1A744D335DC1097FE78BADF58FC0E008
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:2025/01/15-14:16:32.775 216c Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2025/01/15-14:16:33.110 216c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):41
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                            MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                            SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                            SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                            SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:modified
                                                                                                                                                                                                                                                                                                                                            Size (bytes):358860
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.324620416079935
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RH:C1gAg1zfv/
                                                                                                                                                                                                                                                                                                                                            MD5:6752B4220BB1C600EB58A71B7D9D8351
                                                                                                                                                                                                                                                                                                                                            SHA1:10B11EB21EA1C769446F11F6200D982488484266
                                                                                                                                                                                                                                                                                                                                            SHA-256:CAAF031EA0EB73734027620F040548F16A81289FBB50AA2A01D3F58A046F7CFA
                                                                                                                                                                                                                                                                                                                                            SHA-512:EF17388CC3C91319EE5853A127DDAD63AD2F34F767D2B6626C460836972413353397BF40373D94DABB679B1792D9FC34646B3BBE50769521ABEB8788FC86C066
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):429
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                                                                            MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                                                                            SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                                                                            SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                                                                            SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):115717
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                                            MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                                            SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                                            SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                                            SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\2ded8536-defa-4665-9fff-6780240cf144.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1769
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.318160593402002
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:YALlC51SFFGJ/I3RdsUZVMdmRds/ZFRudFGRRdsgZ6ma3yeesw6maPsw6C1VdsAG:YALlCv+gCzsMtshfcKsgleeBkBRsACM+
                                                                                                                                                                                                                                                                                                                                            MD5:28B7142E8A85F20541F154D5A52302D9
                                                                                                                                                                                                                                                                                                                                            SHA1:24C1B0D0BDB09AA37B4A6B6C558B96CA477A0781
                                                                                                                                                                                                                                                                                                                                            SHA-256:5F4D84EC70A4E42BE0CE0B2F1D7BE42F2355625E06718A769E1EA1D638F210E2
                                                                                                                                                                                                                                                                                                                                            SHA-512:3859055D08791B4A2AA8C214094E4C39D2C2E3E87DF8C1584067E04EB48BD635D12891D136476247573CC107DE85BEDA10936486E1D7105491EFA59E1AECC58B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"net":{"http_server_properties":{"broken_alternative_services":[{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"broken_count":23,"broken_until":"1736968898","host":"assets.msn.com","port":443,"protocol_str":"quic"}],"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13384034190185277","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13384034193512477","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381535795238511","port":443,"protoc

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\70713d9c-df2f-443a-ae32-37d1da7ac63f.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\77d14e88-85ae-4b04-8fb1-6552c08fd1fa.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1769
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.318160593402002
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:YALlC51SFFGJ/I3RdsUZVMdmRds/ZFRudFGRRdsgZ6ma3yeesw6maPsw6C1VdsAG:YALlCv+gCzsMtshfcKsgleeBkBRsACM+
                                                                                                                                                                                                                                                                                                                                            MD5:28B7142E8A85F20541F154D5A52302D9
                                                                                                                                                                                                                                                                                                                                            SHA1:24C1B0D0BDB09AA37B4A6B6C558B96CA477A0781
                                                                                                                                                                                                                                                                                                                                            SHA-256:5F4D84EC70A4E42BE0CE0B2F1D7BE42F2355625E06718A769E1EA1D638F210E2
                                                                                                                                                                                                                                                                                                                                            SHA-512:3859055D08791B4A2AA8C214094E4C39D2C2E3E87DF8C1584067E04EB48BD635D12891D136476247573CC107DE85BEDA10936486E1D7105491EFA59E1AECC58B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"net":{"http_server_properties":{"broken_alternative_services":[{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"broken_count":23,"broken_until":"1736968898","host":"assets.msn.com","port":443,"protocol_str":"quic"}],"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13384034190185277","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13384034193512477","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381535795238511","port":443,"protoc

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF39fbc.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3ab64.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3aefe.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):40
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                            MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                            SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                            SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                            SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b011208f-138c-4ba8-84ac-633616314822.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d165d39c-c4a7-4ffb-b54f-fdaba55cf1ca.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\df27dc3f-c5c0-4fc9-8eeb-732bc2fd216c.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):40
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                            MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                            SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                            SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                            SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10531
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.213135259410048
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:strkdp3sOvsZihKyb5+ka+G28ybV+FaloQwT66WoaFIMYqPuYJ:strQ3sOvfhKyb5RbGzQwe6WoaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:D342BAC3CCBC23AE7EA9A1040952EB06
                                                                                                                                                                                                                                                                                                                                            SHA1:DB9CCDC7AA98E14FABB0E8E4E5D4CE422A2B0B32
                                                                                                                                                                                                                                                                                                                                            SHA-256:EE384B5C5992F5F446D53DE39FF92D288F63D51D9B70D05DDD1A48D4F6523B55
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4BDCC98E2EFC060793EFF54AF93E13560A6A07D5FE2B32BF3254CD74F1C7439D9A159CFC08E0FB971079B16870D4E2C098B64198397F1E895FD35BA13FB2720
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3d6ba.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10531
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.213135259410048
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:strkdp3sOvsZihKyb5+ka+G28ybV+FaloQwT66WoaFIMYqPuYJ:strQ3sOvfhKyb5RbGzQwe6WoaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:D342BAC3CCBC23AE7EA9A1040952EB06
                                                                                                                                                                                                                                                                                                                                            SHA1:DB9CCDC7AA98E14FABB0E8E4E5D4CE422A2B0B32
                                                                                                                                                                                                                                                                                                                                            SHA-256:EE384B5C5992F5F446D53DE39FF92D288F63D51D9B70D05DDD1A48D4F6523B55
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4BDCC98E2EFC060793EFF54AF93E13560A6A07D5FE2B32BF3254CD74F1C7439D9A159CFC08E0FB971079B16870D4E2C098B64198397F1E895FD35BA13FB2720
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4240f.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10531
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.213135259410048
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:strkdp3sOvsZihKyb5+ka+G28ybV+FaloQwT66WoaFIMYqPuYJ:strQ3sOvfhKyb5RbGzQwe6WoaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:D342BAC3CCBC23AE7EA9A1040952EB06
                                                                                                                                                                                                                                                                                                                                            SHA1:DB9CCDC7AA98E14FABB0E8E4E5D4CE422A2B0B32
                                                                                                                                                                                                                                                                                                                                            SHA-256:EE384B5C5992F5F446D53DE39FF92D288F63D51D9B70D05DDD1A48D4F6523B55
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4BDCC98E2EFC060793EFF54AF93E13560A6A07D5FE2B32BF3254CD74F1C7439D9A159CFC08E0FB971079B16870D4E2C098B64198397F1E895FD35BA13FB2720
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4993f.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10531
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.213135259410048
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:strkdp3sOvsZihKyb5+ka+G28ybV+FaloQwT66WoaFIMYqPuYJ:strQ3sOvfhKyb5RbGzQwe6WoaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:D342BAC3CCBC23AE7EA9A1040952EB06
                                                                                                                                                                                                                                                                                                                                            SHA1:DB9CCDC7AA98E14FABB0E8E4E5D4CE422A2B0B32
                                                                                                                                                                                                                                                                                                                                            SHA-256:EE384B5C5992F5F446D53DE39FF92D288F63D51D9B70D05DDD1A48D4F6523B55
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4BDCC98E2EFC060793EFF54AF93E13560A6A07D5FE2B32BF3254CD74F1C7439D9A159CFC08E0FB971079B16870D4E2C098B64198397F1E895FD35BA13FB2720
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF58738.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10531
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.213135259410048
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:strkdp3sOvsZihKyb5+ka+G28ybV+FaloQwT66WoaFIMYqPuYJ:strQ3sOvfhKyb5RbGzQwe6WoaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:D342BAC3CCBC23AE7EA9A1040952EB06
                                                                                                                                                                                                                                                                                                                                            SHA1:DB9CCDC7AA98E14FABB0E8E4E5D4CE422A2B0B32
                                                                                                                                                                                                                                                                                                                                            SHA-256:EE384B5C5992F5F446D53DE39FF92D288F63D51D9B70D05DDD1A48D4F6523B55
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4BDCC98E2EFC060793EFF54AF93E13560A6A07D5FE2B32BF3254CD74F1C7439D9A159CFC08E0FB971079B16870D4E2C098B64198397F1E895FD35BA13FB2720
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF843d8.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10531
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.213135259410048
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:strkdp3sOvsZihKyb5+ka+G28ybV+FaloQwT66WoaFIMYqPuYJ:strQ3sOvfhKyb5RbGzQwe6WoaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:D342BAC3CCBC23AE7EA9A1040952EB06
                                                                                                                                                                                                                                                                                                                                            SHA1:DB9CCDC7AA98E14FABB0E8E4E5D4CE422A2B0B32
                                                                                                                                                                                                                                                                                                                                            SHA-256:EE384B5C5992F5F446D53DE39FF92D288F63D51D9B70D05DDD1A48D4F6523B55
                                                                                                                                                                                                                                                                                                                                            SHA-512:D4BDCC98E2EFC060793EFF54AF93E13560A6A07D5FE2B32BF3254CD74F1C7439D9A159CFC08E0FB971079B16870D4E2C098B64198397F1E895FD35BA13FB2720
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):26889
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.575965950398691
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:g2N06UWP99fH68F1+UoAYDCx9Tuqh0VfUC9xbog/OVMnJbKG5rwmApWtuV:g2N06UWP99fH6u1jahnJuGKMtK
                                                                                                                                                                                                                                                                                                                                            MD5:4CC83F9CCA7192F8414D24B0F30721A5
                                                                                                                                                                                                                                                                                                                                            SHA1:9ADD1396C109CD0D63AB95AD5B06D84B16BD6FC3
                                                                                                                                                                                                                                                                                                                                            SHA-256:FCCB636D53413800D207E9403163F0628CBD1212B12A1A6D27D335B96CD8EE2E
                                                                                                                                                                                                                                                                                                                                            SHA-512:C5A03D4585DBB40B5E2E93F6EC64F0C13F2DD4247364659FD9929782855127246B996B54947B7E7EC926A9AA764D3C8E6FC88A53434317BE3F9BD24051653E19
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13381442186803306","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13381442186803306","location":5,"ma

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3d66c.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):26889
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.575965950398691
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:g2N06UWP99fH68F1+UoAYDCx9Tuqh0VfUC9xbog/OVMnJbKG5rwmApWtuV:g2N06UWP99fH6u1jahnJuGKMtK
                                                                                                                                                                                                                                                                                                                                            MD5:4CC83F9CCA7192F8414D24B0F30721A5
                                                                                                                                                                                                                                                                                                                                            SHA1:9ADD1396C109CD0D63AB95AD5B06D84B16BD6FC3
                                                                                                                                                                                                                                                                                                                                            SHA-256:FCCB636D53413800D207E9403163F0628CBD1212B12A1A6D27D335B96CD8EE2E
                                                                                                                                                                                                                                                                                                                                            SHA-512:C5A03D4585DBB40B5E2E93F6EC64F0C13F2DD4247364659FD9929782855127246B996B54947B7E7EC926A9AA764D3C8E6FC88A53434317BE3F9BD24051653E19
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13381442186803306","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13381442186803306","location":5,"ma

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):16
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):16
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                                            MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                                            SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                                            SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                                            SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):41
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                                            MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                                            SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                                            SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                                            SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):115523
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.578344865430217
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:sU906yxPXfOxr1lhCe1nL/ImL/rBZXJCjPXNtPSdWGyhjY:B9LyxPXfOxr1lMe1nL/5L/TXJ68WHS
                                                                                                                                                                                                                                                                                                                                            MD5:EBE3A0826BB82164C469B342EAEFB675
                                                                                                                                                                                                                                                                                                                                            SHA1:E66F0F0764E3ADB1BA49BE42C6B7821C00AC7148
                                                                                                                                                                                                                                                                                                                                            SHA-256:6FCA500C002FA0C3EBFF9CA942D14D2D164FCD8045935560691DC51D0F0A42BE
                                                                                                                                                                                                                                                                                                                                            SHA-512:3D160E5E4BC86BBF2AE791915859AA2140367AEAFE0D12349722061C182A8DB14692946FC593C8E86EA68B61D4CB7BAEE2ADD89697E9CD09E0222F431539B5AB
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):190089
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.388297432075585
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3072:83VQk88GQJx6Tw2PZncd4L/B19tzaO6qwEwzqob4:A36Twmnc+L/j/T6fE3B
                                                                                                                                                                                                                                                                                                                                            MD5:DE03BD60004B78E926BF86748522ECB6
                                                                                                                                                                                                                                                                                                                                            SHA1:FDB4739F746381860DCCCAED0098409AF6633DFC
                                                                                                                                                                                                                                                                                                                                            SHA-256:30BF1ACA9657155700B96D25D4127D6D2C0DEBE1F1842092C79D88D729CE73A4
                                                                                                                                                                                                                                                                                                                                            SHA-512:62905AF2D318BA23D9AD52223073334D0A265DA558B3A701FD498A471B8CB413789C5B49298F8EC114370A47B60ADA2C734A2AEC8EE9C7A59A5D38827210C824
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:0\r..m..........rSG.....0....z3.................;R....x.0........,T.8..`,.....L`.....,T...`......L`......Rc..C.....exports...Rc..d.....module....Rc........define....Rb..{.....amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H........Q.....12{...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true.a........Db............D`.....E..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da.....b...,T.`.`z.....L`..........a............a.........Dr8..............

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):24
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                                                                            MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                                                                            SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                                                                            SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                                                                            SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:0\r..m..................

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):48
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):2.827004947420871
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:pxqSR0E3lx8:p9o
                                                                                                                                                                                                                                                                                                                                            MD5:61121BA4903141C6E2629AAE4A084203
                                                                                                                                                                                                                                                                                                                                            SHA1:252C7DAA5BD73FAA618E064F9839A2C21FE84ACA
                                                                                                                                                                                                                                                                                                                                            SHA-256:4C32989DC35368DBBF5D9291E7C8D288093E8E6BCD0B68C430433C71D2A00FCB
                                                                                                                                                                                                                                                                                                                                            SHA-512:A530BFE57C81071983A2182AB0DBFD8EB10D9EE4FAA0E381616AD46C3FEF111C5727BE3D97222D9C3D03797AD41390DF81DCB52C858E94AC9F11310CED179A3A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:(.....SOoy retne............................Y./.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):48
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):2.827004947420871
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:pxqSR0E3lx8:p9o
                                                                                                                                                                                                                                                                                                                                            MD5:61121BA4903141C6E2629AAE4A084203
                                                                                                                                                                                                                                                                                                                                            SHA1:252C7DAA5BD73FAA618E064F9839A2C21FE84ACA
                                                                                                                                                                                                                                                                                                                                            SHA-256:4C32989DC35368DBBF5D9291E7C8D288093E8E6BCD0B68C430433C71D2A00FCB
                                                                                                                                                                                                                                                                                                                                            SHA-512:A530BFE57C81071983A2182AB0DBFD8EB10D9EE4FAA0E381616AD46C3FEF111C5727BE3D97222D9C3D03797AD41390DF81DCB52C858E94AC9F11310CED179A3A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:(.....SOoy retne............................Y./.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF40f2f.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):48
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):2.827004947420871
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:pxqSR0E3lx8:p9o
                                                                                                                                                                                                                                                                                                                                            MD5:61121BA4903141C6E2629AAE4A084203
                                                                                                                                                                                                                                                                                                                                            SHA1:252C7DAA5BD73FAA618E064F9839A2C21FE84ACA
                                                                                                                                                                                                                                                                                                                                            SHA-256:4C32989DC35368DBBF5D9291E7C8D288093E8E6BCD0B68C430433C71D2A00FCB
                                                                                                                                                                                                                                                                                                                                            SHA-512:A530BFE57C81071983A2182AB0DBFD8EB10D9EE4FAA0E381616AD46C3FEF111C5727BE3D97222D9C3D03797AD41390DF81DCB52C858E94AC9F11310CED179A3A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:(.....SOoy retne............................Y./.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):270336
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                                            MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                                            SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                                            SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                                            SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):270336
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                                            MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                                            SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                                            SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                                            SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\4c3d88df-5418-41bf-9eca-134cd1203c8d.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8133eaab-f5f5-4284-8dd9-72695dffd31b.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3ab74.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3aecf.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):40
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                            MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                            SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                            SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                            SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d8cfcd77-7408-48d9-a471-cb8ad4cdf59d.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                            MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[]

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\e3da5696-749d-4c67-a930-8e2b89490969.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):40
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                                            MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                                            SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                                            SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                                            SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a0a4e87e-d41a-47df-959f-56f0a2e7f76f.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                            MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ae79926d-84ef-4c90-b4a2-f85ae378515d.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                            MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):11755
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                                                                            MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                                                                            SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                                                                            SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                                                                            SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b091a529-6d53-4e82-95ef-ec2f6d69fc1e.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):115717
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                                            MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                                            SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                                            SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                                            SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d5dac632-baa5-4790-adcc-6c082f81b8ec.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 text, with very long lines (17620), with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):17622
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.4939272104283665
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:384:strPGKSu43sOvfhKyb5FW4kW4YYIbGzQwe6WoaTYA:sdOxuqvfjb5F7k7kbGsRkaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:A0DF481BC51CBC083608CD8C8C4865C6
                                                                                                                                                                                                                                                                                                                                            SHA1:AAAAEA939375EB866F1AC2588158E54D4FD5073C
                                                                                                                                                                                                                                                                                                                                            SHA-256:A0A891D83E303A3C966EE2741A6DC26BC0580770F1BFA1C31AA44FF61275DB62
                                                                                                                                                                                                                                                                                                                                            SHA-512:295004BA0E72778CBB9E5519FA143FC566EBEA256BED1DED160DEFB7C9C0AEC39EC61689818CA518AF57EE789AF8EA6F821E827D968F8C4BB662F40BDF53E56A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ee9dba06-b2c3-46d8-b94b-726323fb9a8c.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 text, with very long lines (17785), with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):17787
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.490406458898792
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:384:strPGKSu43sOvfhKyb5FW4kW4YYIbGzQwe6WZlaTYA:sdOxuqvfjb5F7k7kbGsRjaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:5A9F253D448455B8B0E0E8113D3773D6
                                                                                                                                                                                                                                                                                                                                            SHA1:E19FE8F110C4F9F7504B45B651DA04A946EAA96D
                                                                                                                                                                                                                                                                                                                                            SHA-256:E0FBD9D3F241A5AC2C55EE1D4C49CDF42F8BA34845850D6CF94EFD37BCA2E8BC
                                                                                                                                                                                                                                                                                                                                            SHA-512:0D6D44DF1E5BCCA2A667C03D7571CB14A6F38FFD0F6124319F5E8FD8307C76DDECD745064ED9539C331ED1FFE75B3632480F198A55E3C685E110F0BFA6F43060
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ffb986c0-25b1-4fb9-af81-41d9ec66a314.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 text, with very long lines (17785), with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):17787
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.490414860258828
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:384:strPGKSu43sOvfhKyb5FW4kW4YYIbGzQwe6WYlaTYA:sdOxuqvfjb5F7k7kbGsRuaTYA
                                                                                                                                                                                                                                                                                                                                            MD5:3BEAE73E24F861A477360A37AEF22DC1
                                                                                                                                                                                                                                                                                                                                            SHA1:AC72DA9C59F9C3002CFB45A80647936952C8156D
                                                                                                                                                                                                                                                                                                                                            SHA-256:9967835D3BF08DCD1AF2CCA11222334AF773CD0C15DCD8BCABEB9048BDFAF665
                                                                                                                                                                                                                                                                                                                                            SHA-512:0952015AB5FCB934B9187DDFB2ED603C547C4214412494A1981CCBCC31F43E4C90690E5BB3C1AAE38BB71D18DD01D7411213AE651AA7F64062F301F77B69258B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13381442187438388","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):120
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                                                                            MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                                                                            SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                                                                            SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                                                                            SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):13
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                                                                            MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                                                                            SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                                                                            SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                                                                            SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF385cb.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38619.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF387ee.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3aefe.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3df55.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49910.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4fb35.TMP (copy)

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):47
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                                                                            MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                                                                            SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                                                                            SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                                                                            SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):35
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                                                                            MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                                                                            SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                                                                            SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                                                                            SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):81
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                                                                            MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                                                                            SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                                                                            SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                                                                            SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):130439
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                                                                            MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                                                                            SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                                                                            SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                                                                            SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):40
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                                                                            MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                                                                            SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                                                                            SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                                                                            SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):57
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                                                                            MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                                                                            SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                                                                            SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                                                                            SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):29
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                                                                            MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                                                                            SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                                                                            SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                                                                            SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):575056
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                                                                            MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                                                                            SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                                                                            SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                                                                            SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):460992
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                                                                            MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                                                                            SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                                                                            SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                                                                            SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):9
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                                                                            MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                                                                            SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                                                                            SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                                                                            SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:uriCache_

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):179
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.025298602796656
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAclS2V3G5:YWLSGTt1o9LuLgfGBPAzkVj/T8lS2m
                                                                                                                                                                                                                                                                                                                                            MD5:60B3A00CADFC1A8C23741B0D8BF50D5F
                                                                                                                                                                                                                                                                                                                                            SHA1:09D63F4B5C7ECA694734328BBA18CC2BF21F6E56
                                                                                                                                                                                                                                                                                                                                            SHA-256:23D8DE47F0868639C3FAB98E1A6F4D65A726E332AF208B27E00639B3A89913CC
                                                                                                                                                                                                                                                                                                                                            SHA-512:496298FD2503638283E67C7704B13D4E68F7BFBDF0CF22B5001F2DFC0E85DF0FF974B737B4CC0E4227BB7C8418C514C854DB4424F0761A3AFA502BFE7DE88BDB
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1737069390334567}]}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):86
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQw:YQ3Kq9X0dMgAEwj2
                                                                                                                                                                                                                                                                                                                                            MD5:16B7586B9EBA5296EA04B791FC3D675E
                                                                                                                                                                                                                                                                                                                                            SHA1:8890767DD7EB4D1BEAB829324BA8B9599051F0B0
                                                                                                                                                                                                                                                                                                                                            SHA-256:474D668707F1CB929FEF1E3798B71B632E50675BD1A9DCEAAB90C9587F72F680
                                                                                                                                                                                                                                                                                                                                            SHA-512:58668D0C28B63548A1F13D2C2DFA19BCC14C0B7406833AD8E72DFC07F46D8DF6DED46265D74A042D07FBC88F78A59CB32389EF384EC78A55976DFC2737868771
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":2}

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a14e2c35-285b-4959-81ac-56f2a4cd50bb.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44697
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.095963497946514
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkB3wu3hDO6vP6OVxt5G4/nH3dF4HcGoup1Xl3jVzXq:z/Ps+wsI7yOEm618Dchu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:2384668BB2BC2A8D1CAF890009C1C4CE
                                                                                                                                                                                                                                                                                                                                            SHA1:415927F54B5E32311B436C05DF8FF49145F2D752
                                                                                                                                                                                                                                                                                                                                            SHA-256:D5A5C59DE01B1C8316A06D58BB035B7C5261EE6D2AE125E364005C528DD81777
                                                                                                                                                                                                                                                                                                                                            SHA-512:34E301F5F19EA5A3BBF922A828B297135ADF3702A26E6B3AA7D99936160F271CB46157BB8C63F772F741CA710F35D420044672C4CC0C9E1B8BA9D76D1BEBE388
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c02f0366-3dcd-43d6-ba99-8e241f06e7c0.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):44137
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.090718770301923
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMNwuF9hDO6vP6O+otbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEp6Ftbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                                                                                            MD5:8ECACEBA39A23158FEC034776782045F
                                                                                                                                                                                                                                                                                                                                            SHA1:AAF130242F18B68E74BF67A8C66D6E8B9B3EB754
                                                                                                                                                                                                                                                                                                                                            SHA-256:59DFC5F03A23AB7BD52B0209D9F2747903F276AE5CE5C6251007D12432B8EF63
                                                                                                                                                                                                                                                                                                                                            SHA-512:647AF41D3F63B959869AF49F25B2CE95C84E7A4EEED65CA33A03F10BAD9B0AD3706CE248124A6393D2ED05725CBD6FB133369D9BD09605F6ADCB0398DA74C10B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2278
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.845527865307668
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:uiTrlKxrgxYxl9Il8uXSpOpxGPNDCZ/EtlWsVU/d1rc:mFYxSYwTtlWW
                                                                                                                                                                                                                                                                                                                                            MD5:9876A9492C0727D92042F82A8BF0FF44
                                                                                                                                                                                                                                                                                                                                            SHA1:C98B18B89543E53D70F233A0DDE0632556007A90
                                                                                                                                                                                                                                                                                                                                            SHA-256:8839761CD7DC361536E88AB32AEF0B8E26A3CFD399649DED994269810D7D5FBA
                                                                                                                                                                                                                                                                                                                                            SHA-512:C5BEBD8AFD50D5063EEB5DB8346525B9916F17E4F20A6676D90B9E442FA23E47E8174D190FF59430A55EAF94362E66DB4C45F6AE8D601FD74786F03DB0E1D9CA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.O.P.w.X.I.p.n.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.l.y.o.w.F.q.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):4622
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.9961633551116758
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:oYxoYi/Z97M7++6n/VwaDUmP8aW8B+7kzTsGA1:oqoXh5TU08aLhw
                                                                                                                                                                                                                                                                                                                                            MD5:43C47B05AA6412C2DE941D1D65051368
                                                                                                                                                                                                                                                                                                                                            SHA1:433A2743EA79C9BE4BDC6A8D4FC76DADDD8183A7
                                                                                                                                                                                                                                                                                                                                            SHA-256:0E4B2F3326C567DD84A01FF291D897F88798CA6110F61A827E239BA69C9F32BC
                                                                                                                                                                                                                                                                                                                                            SHA-512:6E1367D6B6675877D8187F6DDDA5836AECC61256593F9D0EFCDBD414B895C6D3FC84B113E4260E0EC19DB2AE8387302B25B6B720D88DAAD8F5EEC4E63E23AA11
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".P.Q.I.q.Q.4.J.n.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.l.y.o.w.F.q.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2684
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.90404264663076
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:uiTrlKx68Wa7xexl9Il8uXNaJNAEIg2jhn3qbgoM3Y1YKUp8ud/vc:aEYxNa0EV2l3egMOKA87
                                                                                                                                                                                                                                                                                                                                            MD5:9C5C20513CDD62838EF825C2964EB507
                                                                                                                                                                                                                                                                                                                                            SHA1:EDCB78FF588D612FAB5FCCBBF2271A70E84E4C02
                                                                                                                                                                                                                                                                                                                                            SHA-256:ACBE7AFDEB5CEC556B4C7379DDA9C5F19E3F926913B5030D260DB86D582BD09F
                                                                                                                                                                                                                                                                                                                                            SHA-512:494E6F76590592397B43D04D17F24438F60F60C07E6AA2E97F73B4A751A484B5DA9F7B69D7336059603CC1FDEE6EB072E9099EAD91A4DD0D1EE5D016136AE45E
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".1.m.4.1.d.F.O.G.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.l.y.o.w.F.q.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\json[1].json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):3500
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.392200844269097
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:6NnCsdHCsaNnCUbCYNnCc9CSNnCQTwdgECQcNnC8C/NnCdIhDCdENnCgwC1NnCZT:6NPFaNlNbNSwNANOIh6ENhfNs
                                                                                                                                                                                                                                                                                                                                            MD5:CE6A07B78AD78C7B72888BA5B08B8F95
                                                                                                                                                                                                                                                                                                                                            SHA1:BB144EC35E35165FBFBF3EF1598D76EE17DE0CB8
                                                                                                                                                                                                                                                                                                                                            SHA-256:40D36CABDDBF251E1DCD6027FD164CBA18DBE68CEDCDDFE5BD7EA9C1E69C84B2
                                                                                                                                                                                                                                                                                                                                            SHA-512:F7F3D384809590BD51FF3B58FBBA3D291632C77A075A974A91281C8BE22D0AE28BFCE03B650AC809C1963E4780D91D5FB6385F0BD24C3DC4E12C6F1265BB9907
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/093342B226E0CD555F9F5A2520FBC3FB",.. "id": "093342B226E0CD555F9F5A2520FBC3FB",.. "title": "Microsoft Voices",.. "type": "background_page",.. "url": "chrome-extension://jdiccldimpdaibmpdkjnbmckianbfold/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/093342B226E0CD555F9F5A2520FBC3FB"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/34044258C66E928B1FE4DB9894C78B00",.. "id": "34044258C66E928B1FE4DB9894C78B00",.. "title": "WebRTC Internals Extension",.. "type": "background_page",.. "url": "chrome-extension://ncbjelpjchkpbikbpkcchkhkblodoama/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/34044258C66E928B1FE4DB9894C78B00"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):5768704
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.177310372869276
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:98304:2FcDb7q6XFlbwH09km8Wr+fPML/qDTdfGY8vCl6wv:h3u6XvbwU/8Wr+MLcpOns6w
                                                                                                                                                                                                                                                                                                                                            MD5:0A6AE4DE16757CD121632BAD3A903EDA
                                                                                                                                                                                                                                                                                                                                            SHA1:D6F1E5B9E94CB3F29873CD935356F586858A9FE7
                                                                                                                                                                                                                                                                                                                                            SHA-256:3454A44D19DA21B765B39886811918F59092CD9B1D0FCD9020F9779283B27B74
                                                                                                                                                                                                                                                                                                                                            SHA-512:E08BA43ABFC5494AA01EE3006656D1F6ADC70403EAFB38705C79104F52AAD1C7FEC619DCA06F8EFBB1128A15C6895BE4FDDA7A0552598DC87CAA34484EEE9966
                                                                                                                                                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                                                                                                                                                            Yara Hits:
                                                                                                                                                                                                                                                                                                                                            • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                            • Rule: JoeSecurity_DanaBot_stealer_dll, Description: Yara detected DanaBot stealer dll, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                            • Rule: INDICATOR_SUSPICIOUS_GENInfoStealer, Description: Detects executables containing common artifcats observed in infostealers, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\CrypterTest1[1].exe, Author: ditekSHen
                                                                                                                                                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                                                                                                                                                            • Antivirus: ReversingLabs, Detection: 83%
                                                                                                                                                                                                                                                                                                                                            Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                            • Filename: Handler.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                            Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L.....g..................O..6......D.O.......O...@...........................Y..................@....................T......`T..A....X..X....................T...............................T.....................PmT.......T......................text....O.......O................. ..`.itext..`.....O.......O............. ..`.data.........O.......O.............@....bss..........S..........................idata...A...`T..B....S.............@....didata.......T.......S.............@....edata........T.......S.............@..@.tls....(.....T..........................rdata..\.....T.......S.............@..@.reloc........T.......S.............@..B.rsrc....X....X..X....W.............@..@..............Y.......X.............@..@................

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\json[1].json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Users\user\Desktop\Handler.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1787
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.373959867687954
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:SfNaoCtTEC2/fNaoC5B85C5cfNaoCKJG8JQCKJQfNaoCbqw8J60UrU0U8CbG:6NnCtTEC2XNnCzUCSNnC2G8QC2cNnCZv
                                                                                                                                                                                                                                                                                                                                            MD5:9EB420AA5700039920D88C7AA28769BB
                                                                                                                                                                                                                                                                                                                                            SHA1:9E9199946113D9A6B8836CBA47240F577EAEA02C
                                                                                                                                                                                                                                                                                                                                            SHA-256:53C7026468F7B40EC77D6B001DBA1D34A017022348CA8E48098AADB6EA27F98B
                                                                                                                                                                                                                                                                                                                                            SHA-512:FA4C4C759A6CC670C46BDAC035F8E8C334C4C6FC266140B9FB2868B1761D1AF378818D484B34A901E24B0E69E2E16B4E05DEB0A9E6B9A5C04C8BACD10776F01B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/0523AA4BC7FB479899C18B51CCCD492E",.. "id": "0523AA4BC7FB479899C18B51CCCD492E",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/0523AA4BC7FB479899C18B51CCCD492E"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/D9C18BCE62CBAD220755CFC61065F0D1",.. "id": "D9C18BCE62CBAD220755CFC61065F0D1",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/D9C18BCE62CBAD220755CFC61065F0D1"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtoo

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\1a9f8175-958f-45e1-ab26-3063a9739e3d.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                            MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\3ee80758-3649-499c-a4e7-39227153c496.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):11185
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                                            MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                                            SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                                            SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                                            SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\9afc5e41-a0e9-469a-b6c3-a96e2ce57138.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                                            MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                                            SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                                            SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                                            SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\a9ce90b6-367f-4144-9254-71d382b210d8.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):154477
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                                                                                            MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                                                                                            SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                                                                                            SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                                                                                            SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2110
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.3899085164546925
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854RrA:8e2Fa116uCntc5toY2GM
                                                                                                                                                                                                                                                                                                                                            MD5:D06F443D24AB7FF73E80EF8BDCC07213
                                                                                                                                                                                                                                                                                                                                            SHA1:ED6E04C465B8C13F8D31FE0F79DEE8CD31520210
                                                                                                                                                                                                                                                                                                                                            SHA-256:D71268A09C0F109755FD876D1FA6CAF0D65A464D182C7FB5BB7C0D5805BE8E4F
                                                                                                                                                                                                                                                                                                                                            SHA-512:DA076DA24876A31A4F359EB994E727B9D0291DB3B7E93E574B0BF382EA2BE2F0707FB3729D94166D03594C1317E77454DE1B940E89C7702AE1B03A409BE4B43A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_1327794400\3ee80758-3649-499c-a4e7-39227153c496.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):11185
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                                            MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                                            SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                                            SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                                            SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_1327794400\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1753
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                                                                            MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                                                                            SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                                                                            SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                                                                            SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_1327794400\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):9815
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                                                                            MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                                                                            SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                                                                            SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                                                                            SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_1327794400\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):10388
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                                                                            MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                                                                            SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                                                                            SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                                                                            SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_1327794400\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):962
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                                                                            MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                                                                            SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                                                                            SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                                                                            SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):4982
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                                                                            MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                                                                            SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                                                                            SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                                                                            SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):908
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                                                                            MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                                                                            SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                                                                            SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                                                                            SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1285
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                                                                            MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                                                                            SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                                                                            SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                                                                            SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1244
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                                                                            MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                                                                            SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                                                                            SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                                                                            SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):977
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                                                                            MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                                                                            SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                                                                            SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                                                                            SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):3107
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                                                                            MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                                                                            SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                                                                            SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                                                                            SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1389
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                                                                            MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                                                                            SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                                                                            SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                                                                            SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1763
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                                                                            MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                                                                            SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                                                                            SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                                                                            SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):930
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                                                                            MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                                                                            SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                                                                            SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                                                                            SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):913
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                                                                            MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                                                                            SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                                                                            SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                                                                            SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):806
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                                                                            MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                                                                            SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                                                                            SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                                                                            SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):883
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                                                                            MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                                                                            SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                                                                            SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                                                                            SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1031
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                                                                            MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                                                                            SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                                                                            SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                                                                            SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1613
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                                                                            MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                                                                            SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                                                                            SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                                                                            SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):851
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                                            MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                                            SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                                            SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                                            SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):851
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                                            MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                                            SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                                            SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                                            SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):848
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                                                                            MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                                                                            SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                                                                            SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                                                                            SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1425
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                                                                            MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                                                                            SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                                                                            SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                                                                            SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):961
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                                                                            MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                                                                            SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                                                                            SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                                                                            SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):959
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                                                                            MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                                                                            SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                                                                            SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                                                                            SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):968
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                                                                            MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                                                                            SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                                                                            SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                                                                            SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):838
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                                                                            MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                                                                            SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                                                                            SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                                                                            SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1305
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                                                                            MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                                                                            SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                                                                            SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                                                                            SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):911
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                                                                            MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                                                                            SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                                                                            SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                                                                            SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):939
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                                                                            MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                                                                            SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                                                                            SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                                                                            SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):977
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                                                                            MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                                                                            SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                                                                            SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                                                                            SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):972
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                                                                            MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                                                                            SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                                                                            SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                                                                            SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):990
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                                                                            MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                                                                            SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                                                                            SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                                                                            SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1658
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                                                                            MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                                                                            SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                                                                            SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                                                                            SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1672
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                                                                            MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                                                                            SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                                                                            SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                                                                            SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):935
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                                                                            MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                                                                            SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                                                                            SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                                                                            SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1065
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                                                                            MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                                                                            SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                                                                            SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                                                                            SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2771
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                                                                            MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                                                                            SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                                                                            SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                                                                            SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):858
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                                                                            MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                                                                            SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                                                                            SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                                                                            SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):954
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                                                                            MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                                                                            SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                                                                            SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                                                                            SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):899
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                                                                            MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                                                                            SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                                                                            SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                                                                            SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2230
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                                                                            MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                                                                            SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                                                                            SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                                                                            SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1160
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                                                                            MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                                                                            SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                                                                            SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                                                                            SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):3264
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                                                                            MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                                                                            SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                                                                            SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                                                                            SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):3235
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                                                                            MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                                                                            SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                                                                            SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                                                                            SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):3122
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                                                                            MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                                                                            SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                                                                            SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                                                                            SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1895
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                                                                            MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                                                                            SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                                                                            SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                                                                            SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1042
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                                                                            MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                                                                            SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                                                                            SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                                                                            SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2535
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                                                                            MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                                                                            SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                                                                            SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                                                                            SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1028
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                                                                            MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                                                                            SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                                                                            SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                                                                            SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):994
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                                                                            MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                                                                            SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                                                                            SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                                                                            SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2091
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                                                                            MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                                                                            SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                                                                            SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                                                                            SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2778
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                                                                            MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                                                                            SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                                                                            SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                                                                            SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1719
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                                                                            MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                                                                            SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                                                                            SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                                                                            SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):936
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                                                                            MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                                                                            SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                                                                            SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                                                                            SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):3830
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                                                                            MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                                                                            SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                                                                            SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                                                                            SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1898
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                                                                            MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                                                                            SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                                                                            SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                                                                            SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):914
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                                                                            MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                                                                            SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                                                                            SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                                                                            SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\nn\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):851
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                                            MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                                            SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                                            SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                                            SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):878
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                                                                            MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                                                                            SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                                                                            SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                                                                            SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2766
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                                                                            MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                                                                            SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                                                                            SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                                                                            SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):978
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                                                                            MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                                                                            SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                                                                            SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                                                                            SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):907
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                                                                            MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                                                                            SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                                                                            SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                                                                            SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):914
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                                                                            MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                                                                            SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                                                                            SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                                                                            SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):937
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                                                                            MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                                                                            SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                                                                            SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                                                                            SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1337
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                                                                            MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                                                                            SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                                                                            SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                                                                            SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2846
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                                                                            MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                                                                            SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                                                                            SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                                                                            SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):934
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                                                                            MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                                                                            SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                                                                            SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                                                                            SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):963
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                                                                            MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                                                                            SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                                                                            SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                                                                            SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1320
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                                                                            MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                                                                            SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                                                                            SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                                                                            SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):884
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                                                                            MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                                                                            SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                                                                            SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                                                                            SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):980
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                                                                            MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                                                                            SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                                                                            SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                                                                            SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1941
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                                                                            MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                                                                            SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                                                                            SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                                                                            SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1969
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                                                                            MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                                                                            SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                                                                            SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                                                                            SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1674
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                                                                            MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                                                                            SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                                                                            SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                                                                            SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1063
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                                                                            MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                                                                            SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                                                                            SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                                                                            SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1333
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                                                                            MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                                                                            SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                                                                            SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                                                                            SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1263
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                                                                            MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                                                                            SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                                                                            SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                                                                            SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1074
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                                                                            MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                                                                            SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                                                                            SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                                                                            SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):879
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                                                                            MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                                                                            SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                                                                            SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                                                                            SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1205
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                                                                            MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                                                                            SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                                                                            SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                                                                            SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):843
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                                                                            MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                                                                            SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                                                                            SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                                                                            SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):912
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                                                                            MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                                                                            SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                                                                            SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                                                                            SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):11406
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.745845607168024
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuH+svyw6r+cgTSJJT4LGkt:m8IEI4u8/EgG4
                                                                                                                                                                                                                                                                                                                                            MD5:0A68C9539A188B8BB4F9573F2F2321D6
                                                                                                                                                                                                                                                                                                                                            SHA1:E0F814FA4DCC04EDC6A5D39CBC1038979E88F0E5
                                                                                                                                                                                                                                                                                                                                            SHA-256:39E6C25D096AFD156644F07586D85E37F1F7B3DA9B636471E8D15CEB14DB184F
                                                                                                                                                                                                                                                                                                                                            SHA-512:13F133C173C6622B8E1B6F86A551CBC5B0B2446B3CF96E4AE8CA2646009B99E4A360C2DB3168CB94A488FAEBD215003DFA60D10150B7A85B5F8919900BD01CCC
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):854
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                                                                            MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                                                                            SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                                                                            SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                                                                            SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:JSON data
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2525
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.417954053901
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj17x9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/AP7xgiVb
                                                                                                                                                                                                                                                                                                                                            MD5:5E425DC36364927B1348F6C48B68C948
                                                                                                                                                                                                                                                                                                                                            SHA1:9E411B88453DEF3F7CFCB3EAA543C69AD832B82F
                                                                                                                                                                                                                                                                                                                                            SHA-256:32D9C8DE71A40D71FC61AD52AA07E809D07DF57A2F4F7855E8FC300F87FFC642
                                                                                                                                                                                                                                                                                                                                            SHA-512:C19217B9AF82C1EE1015D4DFC4234A5CE0A4E482430455ABAAFAE3F9C8AE0F7E5D2ED7727502760F1B0656F0A079CB23B132188AE425E001802738A91D8C5D79
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):97
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                                                                            MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                                                                            SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                                                                            SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                                                                            SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):122218
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.439997574414675
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:naCwKqAbNBbV9HGsR43l9S6w3xu7gXMgaG0R6RxNbF4Ki3wqP+PrQY2PEtb1B:Jfcs1XMr2zbF4Ki+PkPEfB
                                                                                                                                                                                                                                                                                                                                            MD5:67C4451398037DD1C497A1EA98227630
                                                                                                                                                                                                                                                                                                                                            SHA1:F5BB00D46BCAB5A8A02E68E4895AEB6859B74AA8
                                                                                                                                                                                                                                                                                                                                            SHA-256:59123D5A34A319791E90391FC55F0F4B8F5ABB6DB67353609DB25ACC3E99C166
                                                                                                                                                                                                                                                                                                                                            SHA-512:17F35CE2A11C26168CC52C4AE2BEC548A1AEB1B1F9CB3475B0552BDE71CFE94C5C0C4F3F51267EF7C7D9B0E01E1D1259F48968E70EE1E905471BA0C76ECA81EA
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=ea(this);function r(a,b){if(b)a:{var c=ha;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):291
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                                                                            MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                                                                            SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                                                                            SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                                                                            SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):130866
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):5.425065147784983
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:1536:zKjBw7l0GLFqjLmqoTquyBQCGLu5fJDX5pwPGFSS2IH0dKxQ5SbNyO+DrxZlkaY8:XYQi3DX5WkfH0dKxdboDrNOdor
                                                                                                                                                                                                                                                                                                                                            MD5:1A8A1F4E5BA291867D4FA8EF94243EFA
                                                                                                                                                                                                                                                                                                                                            SHA1:B25076D2AE85BD5E4ABA935F758D5122CCB82C36
                                                                                                                                                                                                                                                                                                                                            SHA-256:441385D13C00F82ABEEDD56EC9A7B2FE90658C9AACB7824DEA47BB46440C335B
                                                                                                                                                                                                                                                                                                                                            SHA-512:F05668098B11C60D0DDC3555FCB51C3868BB07BA20597358EBA3FEED91E59F122E07ECB0BD06743461DFFF8981E3E75A53217713ABF2A78FB4F955641F63537C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\scoped_dir8148_837431167\a9ce90b6-367f-4144-9254-71d382b210d8.tmp

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                                            File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):154477
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                                                                                            MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                                                                                            SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                                                                                            SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                                                                                            SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 18:16:16 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2677
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.983417138386149
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:8ddvjTTjsfHcidAKZdA19ehwiZUklqehey+3:8bjbty
                                                                                                                                                                                                                                                                                                                                            MD5:3E6874E395F200642ABF13E6B4EAA427
                                                                                                                                                                                                                                                                                                                                            SHA1:BFBCD823A037DC02C0AF797BA7C3B5DB9855676C
                                                                                                                                                                                                                                                                                                                                            SHA-256:856BF95BDE72103450828CD3E5D61852EE4B4D7C17E6294EAEA9B518F1387540
                                                                                                                                                                                                                                                                                                                                            SHA-512:0CF6237CA0D207C783A7BCBB67A417936FC84022FCB45DEE7EECA0F731F4BBE2B8DD2E8F2776DA8408E4278C896F9D71398FC36F2AB0E94997FE17A59C817A03
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:L..................F.@.. ...$+.,.....A%.g..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I/Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 18:16:15 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2679
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.9989497654895496
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:89cdvjTTjsfHcidAKZdA1weh/iZUkAQkqehdy+2:8ajp9Q0y
                                                                                                                                                                                                                                                                                                                                            MD5:E6E4B20E5D1B32A81249D0E551728BD1
                                                                                                                                                                                                                                                                                                                                            SHA1:61823B1B2581F4D9C32A62236B553F9839512383
                                                                                                                                                                                                                                                                                                                                            SHA-256:14D1929251EEAEFF1C4BCC749F2C9AF6A6CBDF3C0D9366461CE84436088FD27E
                                                                                                                                                                                                                                                                                                                                            SHA-512:BDC1210D1774F8244E7D84BEE0D3AF973ACD7831472A052B3C4E09042BA9B6F99DC4CA0D2D16AE8A4BDC47DDED91080481C73B99834B4676EB8815824AE7B61B
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:L..................F.@.. ...$+.,.... ...g..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I/Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2693
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.010689418085821
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:8xEdvjTTjsHcidAKZdA14tseh7sFiZUkmgqeh7s7y+BX:8x8jZnRy
                                                                                                                                                                                                                                                                                                                                            MD5:220D2BD7D6CB2CF906A8525B89AA52AC
                                                                                                                                                                                                                                                                                                                                            SHA1:3EA96AC5CBF52D8EBFD6B722DB8967D1C427A353
                                                                                                                                                                                                                                                                                                                                            SHA-256:D930624FB3E45222560B5EF712168E3337B0DC12BBBFB55DFBFDD3324E830A9B
                                                                                                                                                                                                                                                                                                                                            SHA-512:71E6FF852349D77F7C628B939E1DE2AC5AA0D456289800FDE73AC7F0F86E0C220069D6578A50092CFD0E347D0215577D54B6B7F855E3AAF725818E108A0AD496
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I/Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 18:16:15 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2681
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.9993959857271864
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:86dvjTTjsfHcidAKZdA1vehDiZUkwqehZy+R:8ajqjy
                                                                                                                                                                                                                                                                                                                                            MD5:65EF1A4B17A03DA8FFF43F6BAC0E8F4A
                                                                                                                                                                                                                                                                                                                                            SHA1:5BC14A8F5EC13767BC93232064A6797288742E77
                                                                                                                                                                                                                                                                                                                                            SHA-256:9F80B639644ACE1721EDF5846F3ACA0668B0637AC61921EA39772153A30C6D79
                                                                                                                                                                                                                                                                                                                                            SHA-512:AAFD613523164CCBBEA59C06A04AE301219F109BAE3871E7F1BB4679E5CB5CAFF4E46C7F97961E02210D64E45A99275C998B4D145B6C1581754A1065CE321075
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:L..................F.@.. ...$+.,........g..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I/Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 18:16:16 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2681
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.9884459309138145
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:8DldvjTTjsfHcidAKZdA1hehBiZUk1W1qeh/y+C:8DjjK9fy
                                                                                                                                                                                                                                                                                                                                            MD5:795C7D8B970B05E4682AA96D1786245A
                                                                                                                                                                                                                                                                                                                                            SHA1:DFF13BC436F6B7E5B08AB20F5CEC98A08878EB82
                                                                                                                                                                                                                                                                                                                                            SHA-256:95673C9DFE971161660C5872E2A34BB071E0F6AAFD8D2FFDBE503E366B91716E
                                                                                                                                                                                                                                                                                                                                            SHA-512:29BF5B865D45F4F6FE837B7470674AE6CF1E7CFDF96E59E282F57ACEADC6003EB51227965DFB16CBB74384F743111B4521A93D82EB084DEAA3171501BCEFC6F7
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:L..................F.@.. ...$+.,........g..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I/Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 18:16:15 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):2683
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):3.9983262056517463
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:48:8SdvjTTjsfHcidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbRy+yT+:8yjUT/TbxWOvTbRy7T
                                                                                                                                                                                                                                                                                                                                            MD5:3318CD71D823BE65A49947054C19114F
                                                                                                                                                                                                                                                                                                                                            SHA1:9888753A4E1B3F25C0577A1DF026DA367BCB08DA
                                                                                                                                                                                                                                                                                                                                            SHA-256:1D7684F132B04DC9D5ED81158BD02A94B115F7D3E33C86706C2DA1E4C40BC0E0
                                                                                                                                                                                                                                                                                                                                            SHA-512:B215F404ED5A539C7EB8B9505B2E0CF541FB54F275B3DCC213579944878A33886AA4404367075776844303AD81B8325AD0F9AB9F37A9E07B2B0E6C3CC29B9BF0
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:L..................F.@.. ...$+.,....'l..g..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I/Z......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Z......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V/Z......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V/Z............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V/Z.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                            C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                                                                                                                            Download File
                                                                                                                                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                                            File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                                                                                                                                            Size (bytes):1835008
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):4.421700579651565
                                                                                                                                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                                                                                                                                            SSDEEP:6144:jSvfpi6ceLP/9skLmb0OTMWSPHaJG8nAgeMZMMhA2fX4WABlEnNR0uhiTw:uvloTMW+EZMM6DFyr03w
                                                                                                                                                                                                                                                                                                                                            MD5:FF2A2FDC9FFF470EA69AA8E5E91DE23E
                                                                                                                                                                                                                                                                                                                                            SHA1:F6DE04326B7F4302D546E08AA9616124C7E136C1
                                                                                                                                                                                                                                                                                                                                            SHA-256:B90129456BB07216A5B9AEFC25A889D1045CE15887C303D61891E125943850B2
                                                                                                                                                                                                                                                                                                                                            SHA-512:6B432BC313B05E4739F402109D3A904F8256D376FD9FAF51A7DB3AE3A2616663B73FEFBCCB196BB08503D311A98E3903ADB0E72B0ABE6AA53CB24C0FD1D8B5CC
                                                                                                                                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                                                                                                                                            Preview:regf>...>....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm...g..............................................................................................................................................................................................................................................................................................................................................._..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                            Static File Info

                                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                                            File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                                                                                            Entropy (8bit):7.893536241529202
                                                                                                                                                                                                                                                                                                                                            TrID:
                                                                                                                                                                                                                                                                                                                                            • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                                                                                                                                                                                                                                                                                                                                            • Win32 Executable (generic) a (10002005/4) 49.78%
                                                                                                                                                                                                                                                                                                                                            • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                                                                                                                                                                                                                                                                                                                            • Win16/32 Executable Delphi generic (2074/23) 0.01%
                                                                                                                                                                                                                                                                                                                                            • Generic Win/DOS Executable (2004/3) 0.01%
                                                                                                                                                                                                                                                                                                                                            File name:Handler.exe
                                                                                                                                                                                                                                                                                                                                            File size:430'592 bytes
                                                                                                                                                                                                                                                                                                                                            MD5:5fd322ce6e87bae023155e3d548d7280
                                                                                                                                                                                                                                                                                                                                            SHA1:1e193832da505b7416f01a108e134d4cfb56f6e5
                                                                                                                                                                                                                                                                                                                                            SHA256:1d16053d1910ba274b25d60a462fd4e7b75ae1454315dbfcf013b872f02dcdf3
                                                                                                                                                                                                                                                                                                                                            SHA512:cb7c276bc17651d202b0f7cb8234100ccd74b3e338f63bc0a563460a9c50ef24adefc59b7e9fc2cc892610ddeef3f1d11bc7bce44a2cc61c81e80e3e041ac64d
                                                                                                                                                                                                                                                                                                                                            SSDEEP:12288:5JN9RjfHB8d4QPBtw2Q+Ai0g2iWYD8F10DEqQjFQlYtEg:5JNfu/7Z10sf/PQxQlUL
                                                                                                                                                                                                                                                                                                                                            TLSH:F394120A26976736C47889BAD4F3C43C52BA97D31633E2133C1973A84E637D99A447CD
                                                                                                                                                                                                                                                                                                                                            File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...|G................0.................. ... ....@.. ....................... ............`................................

                                                                                                                                                                                                                                                                                                                                            File Icon

                                                                                                                                                                                                                                                                                                                                            Icon Hash:00928e8e8686b000

                                                                                                                                                                                                                                                                                                                                            Static PE Info

                                                                                                                                                                                                                                                                                                                                            General

                                                                                                                                                                                                                                                                                                                                            Entrypoint:0x41039e
                                                                                                                                                                                                                                                                                                                                            Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                            Digitally signed:false
                                                                                                                                                                                                                                                                                                                                            Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                            Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                            Image File Characteristics:EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                            DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                            Time Stamp:0xC6FB477C [Tue Oct 15 09:16:44 2075 UTC]
                                                                                                                                                                                                                                                                                                                                            TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                            CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                            OS Version Major:4
                                                                                                                                                                                                                                                                                                                                            OS Version Minor:0
                                                                                                                                                                                                                                                                                                                                            File Version Major:4
                                                                                                                                                                                                                                                                                                                                            File Version Minor:0
                                                                                                                                                                                                                                                                                                                                            Subsystem Version Major:4
                                                                                                                                                                                                                                                                                                                                            Subsystem Version Minor:0
                                                                                                                                                                                                                                                                                                                                            Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                                                                                                                                                                                                                                                                                                                            Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                            Instruction
                                                                                                                                                                                                                                                                                                                                            jmp dword ptr [00402000h]
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                                                            add byte ptr [eax], al

                                                                                                                                                                                                                                                                                                                                            Data Directories

                                                                                                                                                                                                                                                                                                                                            NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IMPORT0x103500x4b.text
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_RESOURCE0x120000x598.rsrc
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BASERELOC0x140000xc.reloc
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DEBUG0x103090x1c.text
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text

                                                                                                                                                                                                                                                                                                                                            Sections

                                                                                                                                                                                                                                                                                                                                            NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                            .text0x20000xe3a40xe400a477556f10e0f94ff07851ab21409ae9False0.520764802631579data6.042242922628573IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                            .rsrc0x120000x5980x600123aca95e4555687b41c2cebfd368cb4False0.41015625data4.0349728002939855IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                            .reloc0x140000xc0x2008afa85677c54490f83975db63dd0f5e1False0.044921875data0.08153941234324169IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                            .idata0x160000x5a2000x5a200471645ffe4e357c0f47fb5657c5278bbFalse1.000327778259362data7.99944165588929IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                                                                                                                                                                                            Resources

                                                                                                                                                                                                                                                                                                                                            NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                            RT_VERSION0x120a00x30cdata0.41923076923076924
                                                                                                                                                                                                                                                                                                                                            RT_MANIFEST0x123ac0x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347

                                                                                                                                                                                                                                                                                                                                            Imports

                                                                                                                                                                                                                                                                                                                                            DLLImport
                                                                                                                                                                                                                                                                                                                                            mscoree.dll_CorExeMain

                                                                                                                                                                                                                                                                                                                                            Network Behavior

                                                                                                                                                                                                                                                                                                                                            Suricata IDS Alerts

                                                                                                                                                                                                                                                                                                                                            TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:16:07.070284+01002859378ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M21192.168.2.549707116.203.164.230443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:16:08.418065+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M11192.168.2.549712116.203.164.230443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:16:09.679913+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1116.203.164.230443192.168.2.549714TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:16:11.027561+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M11116.203.164.230443192.168.2.549715TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:16:54.138558+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.550137162.0.209.157443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:17:51.998608+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550233194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:17:53.076910+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55023445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:17:54.165241+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550235194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:17:55.240103+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55023645.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:03.755453+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550241194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:05.060557+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55024245.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:06.160435+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550243194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:07.296624+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55024445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:13.687116+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550249194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:13.754168+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55025045.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:13.821719+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550251194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:13.904282+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55025245.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:25.097470+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550257194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:26.496340+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55025845.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:28.314948+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550259194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:30.468381+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55026045.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:33.875993+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550269194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:36.494176+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55027045.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:38.633084+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550271194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:40.558233+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55027245.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:49.695123+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550277194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:49.798134+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55027845.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:49.899707+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550279194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:18:49.994486+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55028045.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:01.358154+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550285194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:03.328542+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55028645.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:05.215618+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550287194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:07.129454+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55028845.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:10.166155+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550293194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:12.097474+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55029445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:14.088789+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550295194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:16.062978+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55029645.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:25.464129+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550301194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:25.559118+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55030245.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:25.642253+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550303194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:25.724881+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55030445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:38.315364+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550314194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:40.513593+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55031545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:42.718601+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550316194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:44.975171+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55031745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:48.289577+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550322194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:50.018480+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55032445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:52.235886+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550325194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:19:54.486236+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55032645.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:06.689081+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550331194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:06.771657+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55033245.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:06.856552+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550333194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:06.974269+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55033445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:19.589458+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550339194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:22.592140+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55034045.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:25.276113+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550341194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:27.477145+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55034245.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:31.315847+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550347194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:34.346825+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55034845.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:36.776949+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550353194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:40.341709+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55035445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:53.963375+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550359194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:54.076474+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55036045.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:55.172218+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550361194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:20:55.247598+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55036245.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:02.920261+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550367194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:03.973539+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55036845.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:05.037404+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550369194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:06.123673+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55037045.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:08.431164+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550375194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:09.513404+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55037645.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:10.583396+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550377194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:11.690409+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55037845.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:17.150696+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550383194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:17.219318+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55038445.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:17.278993+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550386194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:17.325112+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55038745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:24.708407+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550392194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:25.778499+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55039345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:26.883319+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550394194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:27.967576+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55039545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:30.358496+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550400194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:31.433444+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55040145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:32.513407+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550402194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:33.612902+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55040345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:38.971622+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550408194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:39.022759+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55040945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:39.113564+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550410194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:39.165919+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55041145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:46.576684+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550416194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:47.642464+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55041745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:48.727329+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550418194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:49.797362+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55041945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:53.154085+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550424194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:54.238451+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55042545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:55.324576+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550426194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:21:56.401480+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55042745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:02.754800+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550432194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:02.824784+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55043345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:02.879427+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550434194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:02.937630+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55043545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:10.338514+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550440194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:11.423189+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55044145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:12.523479+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550442194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:13.606522+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55044345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:16.938813+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550448194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:18.022504+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55044945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:19.099576+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550450194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:20.174415+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55045145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:26.620031+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550456194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:26.684872+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55045745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:26.735919+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550458194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:26.780429+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55045945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:34.234785+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550464194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:35.312456+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55046545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:36.370627+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550466194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:37.471267+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55046745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:40.842623+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550472194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:41.922196+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55047345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:43.002152+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550474194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:44.085932+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55047545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:49.511855+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550480194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:49.576675+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55048145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:49.636624+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550482194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:49.699671+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55048345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:57.118436+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550488194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:58.197438+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55048945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:22:59.268214+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550490194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:00.344588+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55049145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:03.650451+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550496194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:04.724974+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55049745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:05.804664+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550498194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:06.870449+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55049945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:12.176679+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550504194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:12.224251+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55050545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:12.274676+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550506194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:12.314757+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55050745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:19.678605+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550512194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:20.730143+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55051345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:21.793063+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550514194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:22.863783+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55051545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:25.216869+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550520194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:26.278642+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55052145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:27.352514+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550522194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:28.425593+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55052345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:33.832820+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550528194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:33.876649+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55052945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:33.933266+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550530194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:33.984697+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55053145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:41.385460+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550536194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:42.449437+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55053745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:43.515725+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550538194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:44.586374+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55053945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:46.842732+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550544194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:47.932677+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55054545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:49.015522+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550546194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:50.096977+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55054745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:55.438500+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550552194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:55.499510+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55055345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:55.551388+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550554194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:23:55.613988+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55055545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:02.961195+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550560194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:04.024201+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55056145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:05.132710+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550562194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:06.213096+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55056345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:08.513442+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550568194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:09.587109+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55056945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:10.657483+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550570194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:11.752896+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55057145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:17.143548+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550576194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:17.191004+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55057745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:17.254899+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550578194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:17.327636+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55057945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:24.691013+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550584194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:25.763652+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55058545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:26.844766+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550586194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:27.906819+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55058745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:30.190886+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550592194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:31.250027+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55059345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:32.334755+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550594194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:33.399847+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55059545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:39.802154+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550600194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:39.853070+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55060145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:40.909327+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550602194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:40.955093+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55060345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:48.342784+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550608194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:49.424429+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55060945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:50.479537+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550610194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:51.547690+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55061145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:53.877255+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550616194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:54.942240+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55061745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:56.017142+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550618194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:24:57.088493+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55061945.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:02.463979+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550624194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:03.549411+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55062545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:03.620400+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550626194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:03.695563+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55062745.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:11.053002+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550632194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:12.106939+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55063345.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:13.200506+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550634194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:14.265167+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55063545.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:16.531681+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550640194.32.76.77443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:17.627826+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.55064145.76.251.57443TCP
                                                                                                                                                                                                                                                                                                                                            2025-01-15T20:25:18.713838+01002034465ET MALWARE Danabot Key Exchange Request1192.168.2.550642194.32.76.77443TCP

                                                                                                                                                                                                                                                                                                                                            Network Port Distribution

                                                                                                                                                                                                                                                                                                                                            TCP Packets

                                                                                                                                                                                                                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:15:59.262959003 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:15:59.263044119 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:15:59.356756926 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.133923054 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.133944988 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.134020090 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.142463923 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.142472982 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.778924942 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.779089928 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.914617062 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.914645910 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.915780067 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.916397095 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.958544016 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:03.999336004 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.163552046 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.163582087 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.163633108 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.163657904 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.163678885 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.163711071 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.163738012 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.166284084 CET49704443192.168.2.5149.154.167.99
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.166301966 CET44349704149.154.167.99192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.184428930 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.184467077 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.184587002 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.194263935 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:04.194298983 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.158128023 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.158224106 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.166563988 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.166609049 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.166976929 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.167043924 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.167689085 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.215358019 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.639903069 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.639997005 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.640064001 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.640064001 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.647109032 CET49705443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.647154093 CET44349705116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.649756908 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.649810076 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.649899006 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.650475025 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:05.650506973 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:06.355698109 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:06.355803013 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:06.357256889 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:06.357286930 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:06.358624935 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:06.358637094 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.070288897 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.070348978 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.070523024 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.070574045 CET49707443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.070595026 CET44349707116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.071619034 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.071666956 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.073856115 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.074023008 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.074049950 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.719703913 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.719829082 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.763474941 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.763495922 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.812378883 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:07.812407017 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418065071 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418093920 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418143034 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418143034 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418168068 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418180943 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418241024 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418493986 CET49712443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.418505907 CET44349712116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.422399998 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.422420979 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.422485113 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.422686100 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.422707081 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.872308969 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.872416973 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:08.966017008 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.103266001 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.105623007 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.105868101 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.105895996 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.112763882 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.112819910 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.679689884 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.679717064 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.679789066 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.679860115 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.679860115 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.679860115 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.680273056 CET49714443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.680293083 CET44349714116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.682024002 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.682061911 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.682162046 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.682364941 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:09.682377100 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.344631910 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.344727039 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.348510981 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.348521948 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.369967937 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.369972944 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.651623964 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:10.651774883 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.027358055 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.027448893 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.027534962 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.027700901 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.027700901 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.047538042 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.047646999 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.047816038 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.048022985 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.048057079 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.341008902 CET49715443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.341027975 CET44349715116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.724931002 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.725099087 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.725977898 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.725987911 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.727827072 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.727830887 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.727869987 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:11.727876902 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.048049927 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.048149109 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.048254967 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.048484087 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.048515081 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.422408104 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.422456980 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.422482967 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.422497988 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.422524929 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.422553062 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.423618078 CET49716443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.423633099 CET44349716116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.718938112 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.719177961 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.719729900 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.719755888 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.721380949 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:12.721391916 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.542247057 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.542320967 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.542357922 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.542406082 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.542429924 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.542484999 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.543872118 CET49717443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:13.543900013 CET44349717116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.293330908 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.293354034 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.293420076 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.293658972 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.293680906 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.710315943 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.710351944 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.710522890 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.710763931 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.710776091 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.711258888 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.711390972 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.711456060 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.711623907 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.711652040 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.974303007 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.974816084 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.974822044 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.975872040 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.975929022 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.977404118 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.977472067 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.977823019 CET49726443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.977850914 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.977859974 CET44349726142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.977865934 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.977929115 CET49726443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.978132010 CET49726443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:14.978152990 CET44349726142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.031832933 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.271495104 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.275269985 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.275345087 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.276937008 CET49721443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.276952982 CET44349721142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.341806889 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.342046976 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.342108011 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.343584061 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.343652964 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.344225883 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.344317913 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.344449997 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.352268934 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.352456093 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.352478981 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.353351116 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.353457928 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.353854895 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.353910923 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.354161978 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.354170084 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.386344910 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.386363029 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.402647018 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.432615995 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.620621920 CET44349726142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.623348951 CET49726443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.623372078 CET44349726142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.623641968 CET44349726142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.625809908 CET49726443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.625863075 CET44349726142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.653590918 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.653675079 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.654725075 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.654795885 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.654812098 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.654812098 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.654836893 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.654859066 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.655066967 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.655117989 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.655126095 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.655133963 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.655174971 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.660712004 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.660768032 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.661142111 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.661148071 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.668629885 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.668689013 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.668695927 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.673405886 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.673465967 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.673474073 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.676815033 CET49726443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.720537901 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.741543055 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.744393110 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.744440079 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.744472980 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.744534969 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.744606972 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.750720024 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.757272005 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.757328033 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.757333040 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.757349968 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.757396936 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.763350964 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.769476891 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.769534111 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.769550085 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.775882959 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.775918007 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.775942087 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.775957108 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.776323080 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.782963991 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.787864923 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.787894011 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.787925005 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.787941933 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.788002014 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.793626070 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.799457073 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.799530983 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.799551964 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.799561977 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.799642086 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.807576895 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.814480066 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.814639091 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.814646006 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.840992928 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.841015100 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.841052055 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.841068029 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.841133118 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.841767073 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.842200994 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.842221975 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.842252016 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.842266083 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.842360020 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.842875957 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.851516962 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.851536989 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.851571083 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.851584911 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.851641893 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.854444027 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.860213041 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.860269070 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.860276937 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.860286951 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.860342026 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.865525007 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.870740891 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.870803118 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.870815992 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.876209021 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.876229048 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.876266956 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.876281023 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.876348972 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.885801077 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.888678074 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.888698101 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.888756990 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.888771057 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.888832092 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.891040087 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.895466089 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.895484924 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.895534039 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.895549059 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.895596981 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.899580002 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.903693914 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.903752089 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.903759003 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.908298969 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.908348083 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.908354998 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.914505005 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.914525986 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.914577007 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.914583921 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.914628983 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.917913914 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.921845913 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.921869040 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.921890020 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.921921015 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.921943903 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.921988964 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.930955887 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.930979967 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.931030035 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.931051970 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.931104898 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.931118011 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.935167074 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.935221910 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.935229063 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.936525106 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.936570883 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.936578035 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.939084053 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.939146996 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.939153910 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.941466093 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.941521883 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.941529989 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.944178104 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.944242954 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.944248915 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.946207047 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.946269035 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.946275949 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.948575974 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.948620081 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.948626995 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.950550079 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.950604916 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.950748920 CET49725443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.950766087 CET44349725142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.956248999 CET49724443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:15.956273079 CET44349724142.250.181.228192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:18.528016090 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:18.528064966 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:18.528129101 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:18.528340101 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:18.528358936 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.181648970 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.184191942 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.184217930 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.184598923 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.184665918 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.185221910 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.185273886 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.186258078 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.186336994 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.186415911 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.186499119 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.186507940 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.235264063 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.408881903 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.410845041 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.413898945 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.416321993 CET49735443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:19.416347980 CET44349735216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.174180031 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.174227953 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.174302101 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.174877882 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.174890041 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.582468033 CET49760443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.582487106 CET44349760216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.582648993 CET49760443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.582931042 CET49760443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.582942009 CET44349760216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.932559967 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.932632923 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.933424950 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.933437109 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.935955048 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.935961962 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.935991049 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:20.936000109 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.238673925 CET44349760216.58.206.78192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.281084061 CET49760443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.347970009 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.348018885 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.348090887 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.348664999 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.348684072 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.387012005 CET49726443192.168.2.5142.250.181.228
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.393647909 CET49760443192.168.2.5216.58.206.78
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.524416924 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.524488926 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.524934053 CET49769443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.524976015 CET4434976923.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.525063992 CET49769443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.525681019 CET49769443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.525691986 CET4434976923.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.529356003 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.529372931 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.784473896 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.784590006 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.784625053 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.784667015 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.784672022 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.784717083 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.791112900 CET49752443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:21.791131973 CET44349752116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.037432909 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.037512064 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.037931919 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.037945032 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039760113 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039767027 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039838076 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039858103 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039865017 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039870024 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039963007 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.039987087 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040112972 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040157080 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040262938 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040291071 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040292025 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040302992 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040312052 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040317059 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040405035 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040427923 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040431023 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040441990 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040452003 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040462017 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040477037 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.040529013 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.149614096 CET4434976923.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.149746895 CET49769443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.357300997 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.357372999 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.357548952 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.357836008 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:22.357867002 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.029036999 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.029126883 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.029526949 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.029552937 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032485008 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032495975 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032624960 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032660007 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032780886 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032812119 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032840014 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032856941 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032896042 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.032912970 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.467395067 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.467504978 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.467542887 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.467618942 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.468274117 CET49768443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:23.468322039 CET44349768116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.141479015 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.141633987 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.141647100 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.141861916 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.143445015 CET49776443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.143461943 CET44349776116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.393733978 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.393770933 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.393887043 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.394282103 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:24.394294977 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.044805050 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.044877052 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.045463085 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.045471907 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048372984 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048377991 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048476934 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048485041 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048549891 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048558950 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048580885 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048588037 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048635006 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048640966 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048782110 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048800945 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048845053 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048885107 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048973083 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048983097 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.048995018 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.049000025 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.049036026 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.049041033 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.415252924 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.415309906 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.415384054 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.415895939 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:25.415915012 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.065157890 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.065228939 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.065859079 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.065871954 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.068655968 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.068661928 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.354243040 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.354403019 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.354460955 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.354460955 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.355602026 CET49788443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.355628014 CET44349788116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.924124956 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.924196959 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.924232960 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.924276114 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.924289942 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.924334049 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.926443100 CET49801443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:26.926460028 CET44349801116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.562442064 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.562491894 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.562650919 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.569400072 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.569416046 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.982325077 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.982335091 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.982417107 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.982810020 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:31.982817888 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.222563982 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.223048925 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.701072931 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.701100111 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.703625917 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.703630924 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.703685999 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.703692913 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.724992037 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.773675919 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.773684978 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.775135994 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.775192976 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.791964054 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.792110920 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.925029039 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:32.925039053 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.033853054 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.352658987 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.352742910 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.352833986 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.429830074 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.429908991 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.480737925 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.480829000 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.480842113 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.480925083 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.480941057 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.481000900 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.489231110 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.489259958 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.489332914 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.489711046 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.489731073 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.530512094 CET49846443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.530534029 CET44349846116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.602380991 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.602412939 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.602526903 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.602806091 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.602833033 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.603082895 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.603167057 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.603247881 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.603363991 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.603396893 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.612569094 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.612591028 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.612656116 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.613125086 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:33.613147974 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.068058968 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.068677902 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.068696022 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.070139885 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.070208073 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.071346998 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.071443081 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.071690083 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.071705103 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.073734045 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.074043036 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.074105024 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.077696085 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.077779055 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.079277992 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.079417944 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.079478025 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.085942984 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.086361885 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.087110996 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.087138891 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.088985920 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.088999987 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.089320898 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.089356899 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.089968920 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.090013027 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.090833902 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.090883017 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091223955 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091270924 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091300011 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091314077 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091397047 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091434956 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091439962 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091461897 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091475964 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091499090 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091516018 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091528893 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091582060 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.091610909 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.104835033 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.105043888 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.105066061 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.106880903 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.106947899 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.108515978 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.108637094 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.108726025 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.108737946 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.178610086 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.178641081 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.178702116 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.178915977 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.178922892 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.186203957 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.186276913 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.186618090 CET49870443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.186634064 CET44349870162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.203214884 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.210550070 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.210654974 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.210980892 CET49871443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.211020947 CET44349871172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.225713015 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.225795031 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.225886106 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.226042032 CET49872443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.226059914 CET44349872172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229094028 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229324102 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229337931 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229702950 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229715109 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229784012 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229796886 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.229849100 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.230396986 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.231884003 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.231950998 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.232069016 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.275332928 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.437870026 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.437886000 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574121952 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574163914 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574198008 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574249983 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574251890 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574260950 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574317932 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.574326038 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.579006910 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.579094887 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.579101086 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.583374023 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.584623098 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.584630013 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.587829113 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.587912083 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.587918043 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.592263937 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.592443943 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.592457056 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.595949888 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.596040964 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.596054077 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.659090996 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.659387112 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.659403086 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.659698009 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.659816980 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.659842968 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.666119099 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.666193962 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.666207075 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.672683001 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.672800064 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.672816038 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.678608894 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.678690910 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.678706884 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.684823990 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.685009956 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.685028076 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.691024065 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.691720963 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.691730022 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.697556019 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.697659969 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.697666883 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.703641891 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.703718901 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.703727007 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.709908009 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.710474968 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.710481882 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.716303110 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.717916965 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.717924118 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.722476006 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.722762108 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.722779989 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.728790045 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.728914976 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.728926897 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.735141039 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.737927914 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.737940073 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.743380070 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.743470907 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.743483067 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.746892929 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.747064114 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.747076035 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.752577066 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.752799988 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.752814054 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.757447004 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.757615089 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.757627964 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.762676954 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.762758017 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.762770891 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.767762899 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.767847061 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.767859936 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.772650957 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.772715092 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.772736073 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.777831078 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.777900934 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.777914047 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.782589912 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.782674074 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.782766104 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.782826900 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.782911062 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783052921 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783094883 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783128977 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783207893 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783209085 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783229113 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783436060 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.783476114 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.787857056 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.787915945 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.787928104 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.792848110 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.792912960 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.792924881 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.798382044 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.798439980 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.798453093 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.802958965 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.804055929 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.804074049 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.808120966 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.808238029 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.808250904 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.813219070 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.813280106 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.813292027 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.817943096 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.818007946 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.818018913 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.822835922 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.822907925 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.822920084 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.827691078 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.827779055 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.827790976 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.832199097 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.832268000 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.832281113 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.833558083 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.833664894 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.833847046 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.833864927 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.833936930 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.834434032 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.834547043 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.834578037 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.834652901 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.834687948 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.836458921 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.836528063 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.836539984 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.840646029 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.841259956 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.841272116 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.842916965 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.845021963 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.845071077 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.845084906 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.845101118 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.845129967 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.847644091 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.847923994 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.847935915 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.849407911 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.849654913 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.849666119 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.851789951 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.851824999 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.851851940 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.851865053 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.852267027 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.853871107 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.855942011 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.856041908 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.856101990 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.856115103 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.856646061 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.858184099 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864449024 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864469051 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864500046 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864530087 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864535093 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864551067 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864583969 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.864602089 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.870343924 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.870388985 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.870420933 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.870446920 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.870460987 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.870536089 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.870649099 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.871592045 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.871665955 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.872450113 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.872462988 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.872529984 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.873971939 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.874021053 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.874093056 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.874949932 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.874967098 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.876132965 CET49868443192.168.2.5142.250.186.33
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.876152992 CET44349868142.250.186.33192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.878093004 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.878119946 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.925668955 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.925765991 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.930161953 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.930205107 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.932796955 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.932811022 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.932858944 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.932877064 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.932893038 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.932898045 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.932998896 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933015108 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933022022 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933027029 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933074951 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933085918 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933286905 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933314085 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.933353901 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.993304968 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.993393898 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.993494987 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.993875027 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.993916035 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.993978024 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.994194984 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.994235039 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.994389057 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:34.994405985 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.247706890 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.248055935 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.250669956 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.250705957 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.251171112 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.253510952 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.253572941 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.254184961 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.254200935 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.254287958 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.254492998 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.255067110 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.255193949 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.255259037 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.295362949 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.295435905 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.300899029 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.312990904 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.313474894 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.313528061 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.314980030 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.315063000 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.315819025 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.315903902 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.316035032 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.316051960 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.328675032 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.328953028 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.328977108 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.332328081 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.332447052 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.332523108 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.332715034 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.332751989 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.333228111 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.333297968 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.333420992 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.333430052 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.333662033 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.333748102 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.334384918 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.334465027 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.334507942 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.334974051 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.335203886 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.335212946 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.338731050 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.338808060 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.339353085 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.339518070 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.339525938 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.359059095 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.359206915 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.359391928 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.359486103 CET49884443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.359518051 CET44349884172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.360279083 CET49894443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.360373020 CET44349894172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.360461950 CET49894443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.360681057 CET49894443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.360719919 CET44349894172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.375355005 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.377924919 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.378089905 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.378191948 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.378563881 CET49883443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.378580093 CET44349883172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.378906965 CET49897443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.378927946 CET44349897172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.379831076 CET49897443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.381007910 CET49897443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.381036997 CET44349897172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.383344889 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.402312994 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.412348986 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.412348986 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.412350893 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.412372112 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.412379026 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.451746941 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.451824903 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.452338934 CET49888443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.452364922 CET44349888172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.457518101 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.457581043 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.457760096 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.458022118 CET49886443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.458045006 CET44349886172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.460988998 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.461062908 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.461121082 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.461493015 CET49885443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.461520910 CET44349885172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.461659908 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.462487936 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.462551117 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.462599039 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.462905884 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.462917089 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.463282108 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.463627100 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.464087963 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.464296103 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.464299917 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.464385986 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.464591026 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.464658976 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.472095013 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.472178936 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.472359896 CET49887443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.472373962 CET44349887172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.507389069 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.511346102 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.574754953 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.574862003 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.575212002 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.575212002 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.576690912 CET49864443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.576731920 CET44349864116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.595736980 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.595905066 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.596244097 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.596256971 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.596432924 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.596499920 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.625158072 CET49891443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.625224113 CET44349891162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.625718117 CET49892443192.168.2.5162.159.61.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.625749111 CET44349892162.159.61.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.627584934 CET49902443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.627620935 CET44349902172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.627861977 CET49902443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.634418011 CET49903443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.634469032 CET44349903172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.634763002 CET49903443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.635749102 CET49902443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.635754108 CET49903443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.635782003 CET44349903172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.635828018 CET44349902172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.725083113 CET49894443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.725140095 CET49897443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.725348949 CET49903443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.725429058 CET49902443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.725897074 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.725950003 CET4434985818.244.18.38192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.726043940 CET49858443192.168.2.518.244.18.38
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.767335892 CET44349902172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.767349005 CET44349897172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.767379999 CET44349894172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.767398119 CET44349903172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.815397978 CET44349894172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.815547943 CET44349894172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.815618992 CET49894443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.815660954 CET49894443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.862061977 CET44349897172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:35.862164021 CET49897443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.022001028 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.022088051 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.022149086 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.022186995 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.022221088 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.022279978 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.026779890 CET49878443192.168.2.5116.203.164.230
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.026813030 CET44349878116.203.164.230192.168.2.5
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.035702944 CET49914443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.035711050 CET49915443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                                                                                            Jan 15, 2025 20:16:36.035748005 CET443</