Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe

Overview

General Information

Sample name:SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe
Analysis ID:1614047
MD5:7ca1a467d3565e8827428ac7be5b7bf6
SHA1:63a893bf674933c34cbe216b49722ad18d625fc6
SHA256:efbd528c8ed8c5253b5e191eedc85e30f75778a417b5f427da115e7f44d9dd47
Tags:exeuser-SecuriteInfoCom
Infos:

Detection

Vidar
Score:100
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Attempt to bypass Chrome Application-Bound Encryption
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Vidar stealer
Allocates memory in foreign processes
C2 URLs / IPs found in malware configuration
Found many strings related to Crypto-Wallets (likely being stolen)
Injects a PE file into a foreign processes
Joe Sandbox ML detected suspicious sample
Maps a DLL or memory area into another process
Monitors registry run keys for changes
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Writes to foreign memory regions
Contains functionality to query locales information (e.g. system language)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Browser Started with Remote Debugging
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses insecure TLS / SSL version for HTTPS connection
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe (PID: 3268 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe" MD5: 7CA1A467D3565E8827428AC7BE5B7BF6)
    • BitLockerToGo.exe (PID: 2132 cmdline: "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe" MD5: A64BEAB5D4516BECA4C40B25DC0C1CD8)
      • chrome.exe (PID: 6568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
        • chrome.exe (PID: 6524 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 --field-trial-handle=2284,i,263747459218094094,16877234520171628402,262144 /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
      • msedge.exe (PID: 7600 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: BF154738460E4AB1D388970E1AB13FAB)
        • msedge.exe (PID: 7900 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=2420,i,3598628697674751921,18106886729672372177,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
      • cmd.exe (PID: 7900 cmdline: "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\y5fct" & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 7788 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • timeout.exe (PID: 7776 cmdline: timeout /t 10 MD5: 976566BEEFCCA4A159ECBDB2D4B1A3E3)
  • msedge.exe (PID: 7824 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8140 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • identity_helper.exe (PID: 7500 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • identity_helper.exe (PID: 7276 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • msedge.exe (PID: 2940 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7220 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 7072 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7300 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 4148 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7404 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: Vidar

{"C2 url": "https://steamcommunity.com/profiles/76561199825403037", "Botnet": "oomaino5"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
      00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmpinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
      • 0x19f7f:$str01: MachineID:
      • 0x18f4f:$str02: Work Dir: In memory
      • 0x1a027:$str03: [Hardware]
      • 0x19f68:$str04: VideoCard:
      • 0x196c0:$str05: [Processes]
      • 0x196cc:$str06: [Software]
      • 0x18fe0:$str07: information.txt
      • 0x19cbc:$str08: %s\*
      • 0x19d09:$str08: %s\*
      • 0x191fd:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
      • 0x19592:$str12: UseMasterPassword
      • 0x1a033:$str13: Soft: WinSCP
      • 0x19a6b:$str14: <Pass encoding="base64">
      • 0x1a016:$str15: Soft: FileZilla
      • 0x18fd2:$str16: passwords.txt
      • 0x195bd:$str17: build_id
      • 0x19684:$str18: file_data
      00000000.00000002.2631135826.000000000A200000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
        00000000.00000002.2631135826.000000000A200000.00000004.00001000.00020000.00000000.sdmpinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
        • 0x19f7f:$str01: MachineID:
        • 0x18f4f:$str02: Work Dir: In memory
        • 0x1a027:$str03: [Hardware]
        • 0x19f68:$str04: VideoCard:
        • 0x196c0:$str05: [Processes]
        • 0x196cc:$str06: [Software]
        • 0x18fe0:$str07: information.txt
        • 0x19cbc:$str08: %s\*
        • 0x19d09:$str08: %s\*
        • 0x191fd:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
        • 0x19592:$str12: UseMasterPassword
        • 0x1a033:$str13: Soft: WinSCP
        • 0x19a6b:$str14: <Pass encoding="base64">
        • 0x1a016:$str15: Soft: FileZilla
        • 0x18fd2:$str16: passwords.txt
        • 0x195bd:$str17: build_id
        • 0x19684:$str18: file_data
        0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          Click to see the 12 entries

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a1e0000.5.unpackinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
          • 0x1917f:$str01: MachineID:
          • 0x19227:$str03: [Hardware]
          • 0x19168:$str04: VideoCard:
          • 0x188c0:$str05: [Processes]
          • 0x188cc:$str06: [Software]
          • 0x18ebc:$str08: %s\*
          • 0x18f09:$str08: %s\*
          • 0x183fd:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
          • 0x18792:$str12: UseMasterPassword
          • 0x19233:$str13: Soft: WinSCP
          • 0x18c6b:$str14: <Pass encoding="base64">
          • 0x19216:$str15: Soft: FileZilla
          • 0x187bd:$str17: build_id
          • 0x18884:$str18: file_data
          0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.unpackinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
          • 0x1917f:$str01: MachineID:
          • 0x19227:$str03: [Hardware]
          • 0x19168:$str04: VideoCard:
          • 0x188c0:$str05: [Processes]
          • 0x188cc:$str06: [Software]
          • 0x18ebc:$str08: %s\*
          • 0x18f09:$str08: %s\*
          • 0x183fd:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
          • 0x18792:$str12: UseMasterPassword
          • 0x19233:$str13: Soft: WinSCP
          • 0x18c6b:$str14: <Pass encoding="base64">
          • 0x19216:$str15: Soft: FileZilla
          • 0x187bd:$str17: build_id
          • 0x18884:$str18: file_data
          0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a220000.1.unpackinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
          • 0x1917f:$str01: MachineID:
          • 0x19227:$str03: [Hardware]
          • 0x19168:$str04: VideoCard:
          • 0x188c0:$str05: [Processes]
          • 0x188cc:$str06: [Software]
          • 0x18ebc:$str08: %s\*
          • 0x18f09:$str08: %s\*
          • 0x183fd:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
          • 0x18792:$str12: UseMasterPassword
          • 0x19233:$str13: Soft: WinSCP
          • 0x18c6b:$str14: <Pass encoding="base64">
          • 0x19216:$str15: Soft: FileZilla
          • 0x187bd:$str17: build_id
          • 0x18884:$str18: file_data
          0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.raw.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
            0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.raw.unpackinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
            • 0x19f7f:$str01: MachineID:
            • 0x18f4f:$str02: Work Dir: In memory
            • 0x1a027:$str03: [Hardware]
            • 0x19f68:$str04: VideoCard:
            • 0x196c0:$str05: [Processes]
            • 0x196cc:$str06: [Software]
            • 0x18fe0:$str07: information.txt
            • 0x19cbc:$str08: %s\*
            • 0x19d09:$str08: %s\*
            • 0x191fd:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
            • 0x19592:$str12: UseMasterPassword
            • 0x1a033:$str13: Soft: WinSCP
            • 0x19a6b:$str14: <Pass encoding="base64">
            • 0x1a016:$str15: Soft: FileZilla
            • 0x18fd2:$str16: passwords.txt
            • 0x195bd:$str17: build_id
            • 0x19684:$str18: file_data
            Click to see the 9 entries

            Sigma Signatures

            System Summary

            barindex
            Sigma detected: Browser Started with Remote Debugging
            Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe", ParentImage: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe, ParentProcessId: 2132, ParentProcessName: BitLockerToGo.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", ProcessId: 6568, ProcessName: chrome.exe

            Suricata Signatures

            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
            2025-02-13T08:36:11.541819+010020442471Malware Command and Control Activity Detected88.99.124.230443192.168.2.650005TCP
            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
            2025-02-13T08:36:12.880206+010020518311Malware Command and Control Activity Detected88.99.124.230443192.168.2.650006TCP
            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
            2025-02-13T08:36:10.222198+010020490871A Network Trojan was detected192.168.2.65000488.99.124.230443TCP
            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
            2025-02-13T08:36:14.303197+010020593311Malware Command and Control Activity Detected192.168.2.65000788.99.124.230443TCP
            2025-02-13T08:36:15.385430+010020593311Malware Command and Control Activity Detected192.168.2.65000888.99.124.230443TCP
            2025-02-13T08:36:23.676222+010020593311Malware Command and Control Activity Detected192.168.2.65003988.99.124.230443TCP
            2025-02-13T08:36:24.416778+010020593311Malware Command and Control Activity Detected192.168.2.65004188.99.124.230443TCP
            2025-02-13T08:36:25.549250+010020593311Malware Command and Control Activity Detected192.168.2.65004288.99.124.230443TCP
            2025-02-13T08:36:26.489923+010020593311Malware Command and Control Activity Detected192.168.2.65004388.99.124.230443TCP
            2025-02-13T08:36:28.361598+010020593311Malware Command and Control Activity Detected192.168.2.65004488.99.124.230443TCP
            2025-02-13T08:36:34.439021+010020593311Malware Command and Control Activity Detected192.168.2.65006088.99.124.230443TCP
            2025-02-13T08:36:35.263855+010020593311Malware Command and Control Activity Detected192.168.2.65007988.99.124.230443TCP
            2025-02-13T08:36:36.199965+010020593311Malware Command and Control Activity Detected192.168.2.65008388.99.124.230443TCP
            2025-02-13T08:36:38.324431+010020593311Malware Command and Control Activity Detected192.168.2.65010688.99.124.230443TCP
            2025-02-13T08:36:39.583834+010020593311Malware Command and Control Activity Detected192.168.2.65012588.99.124.230443TCP
            2025-02-13T08:36:40.898262+010020593311Malware Command and Control Activity Detected192.168.2.65014488.99.124.230443TCP
            2025-02-13T08:36:41.999665+010020593311Malware Command and Control Activity Detected192.168.2.65014688.99.124.230443TCP
            2025-02-13T08:36:46.922489+010020593311Malware Command and Control Activity Detected192.168.2.65015088.99.124.230443TCP
            2025-02-13T08:36:50.346744+010020593311Malware Command and Control Activity Detected192.168.2.65015188.99.124.230443TCP
            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
            2025-02-13T08:36:24.416778+010028596361Malware Command and Control Activity Detected192.168.2.65004188.99.124.230443TCP
            2025-02-13T08:36:25.549250+010028596361Malware Command and Control Activity Detected192.168.2.65004288.99.124.230443TCP
            2025-02-13T08:36:26.489923+010028596361Malware Command and Control Activity Detected192.168.2.65004388.99.124.230443TCP
            2025-02-13T08:36:35.263855+010028596361Malware Command and Control Activity Detected192.168.2.65007988.99.124.230443TCP
            2025-02-13T08:36:36.199965+010028596361Malware Command and Control Activity Detected192.168.2.65008388.99.124.230443TCP
            2025-02-13T08:36:38.324431+010028596361Malware Command and Control Activity Detected192.168.2.65010688.99.124.230443TCP
            2025-02-13T08:36:39.583834+010028596361Malware Command and Control Activity Detected192.168.2.65012588.99.124.230443TCP
            2025-02-13T08:36:40.898262+010028596361Malware Command and Control Activity Detected192.168.2.65014488.99.124.230443TCP
            2025-02-13T08:36:41.999665+010028596361Malware Command and Control Activity Detected192.168.2.65014688.99.124.230443TCP
            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
            2025-02-13T08:36:08.658878+010028593781Malware Command and Control Activity Detected192.168.2.65000388.99.124.230443TCP

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Antivirus / Scanner detection for submitted sample
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeAvira: detected
            Found malware configuration
            Source: 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": "https://steamcommunity.com/profiles/76561199825403037", "Botnet": "oomaino5"}
            Multi AV Scanner detection for submitted file
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeVirustotal: Detection: 33%Perma Link
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeReversingLabs: Detection: 40%
            Joe Sandbox ML detected suspicious sample
            Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C5FE7 CryptUnprotectData,10_2_025C5FE7
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE, DEBUG_STRIPPED
            Source: unknownHTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49843 version: TLS 1.0
            Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:49864 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49893 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49894 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49901 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49900 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.6:50000 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 88.99.124.230:443 -> 192.168.2.6:50002 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50015 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50155 version: TLS 1.2
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
            Source: Binary string: A{"id":1,"method":"Storage.getCookies"}|.tgz.gzSecurityHistoryWork Dir: In memorySOFTWARE\Microsoft\Cryptographyfirefox%08lX%04lX%lu_key.txtSoft\Steam\steam_tokens.txt\Discord\tokens.txtpasswords.txtinformation.txtlocalhostWebSocketClient" & exitGdipGetImageHeightSoftGdipGetImagePixelFormatN0ZWFt\Monero\wallet.keysAzure\.awsstatusWallets_CreateProcessGdipGetImageEncodershttpsSoftware\Martin Prikryl\WinSCP 2\SessionsPlugins/devtoolsprefs.jsLocal Extension SettingsSync Extension SettingsFilescookiesCookies\BraveWallet\Preferenceskey_datas%s\%s\%sPortNumberCurrentBuildNumberGdiplusStartup.zipGdipCreateHBITMAPFromBitmapOpera Crypto.zooUnknownGdiplusShutdown/json_logins.jsoninvalid string positionSoftware\Martin Prikryl\WinSCP 2\ConfigurationDisplayVersionSOFTWARE\Microsoft\Windows NT\CurrentVersionopentokenamcommunity.comTelegramSoftware\Valve\SteamGdipSaveImageToStreamGdipLoadImageFromStream\AppData\Roaming\FileZilla\recentservers.xml.dllSOFTWARE\Microsoft\Windows\CurrentVersion\Uninstallapprove_aprilNetworkblock.arjprofiles.ini.lzhGdipGetImageWidthwallet_pathSteamPathscreenshot.jpgstring too longvector<T> too longProcessorNameStringloginusers.vdflibraryfolders.vdfconfig.vdfDialogConfig.vdfDialogConfigOverlay*.vdfGdipGetImageEncodersSizesteam.exeC:\Windows\system32\cmd.exeC:\Windows\system32\rundll32.exeBravetrueformhistory.sqlitecookies.sqliteplaces.sqliteLocal StatefalseAzure\.azureSOFTWARE\monero-project\monero-corechromefile_nameDisplayNameHostNameProductNameUserNameGdipSaveImageToFilemsal.cacheGdipDisposeImagemodeAzure\.IdentityServiceUseMasterPasswordhwidMachineGuidtask_idbuild_idCrash DetectedDisabled%dx%d%d/%d/%d %d:%d:%d.arcvdr1.pdb\Local Storage\leveldb_0.indexeddb.leveldb_formhistory.db_history.db_cookies.db_passwords.db_webdata.db_key4.db\key4.dbfile_dataLogin DataWeb DataoperaOperachrome-extension_[Processes][Software]\storage\default\\.aws\errors\\Telegram Desktop\\Steam\\config\\.azure\ Stable\\.IdentityService\\discord\/c timeout /t 10 & rd /s /q "C:\ProgramData\" & rd /s /q "C:\ProgramData\\..\.ZDISPLAYOpera GXEXCEPTION_INT_OVERFLOWEXCEPTION_FLT_OVERFLOWEXCEPTION_STACK_OVERFLOWEXCEPTION_FLT_UNDERFLOWPOSTEXCEPTION_BREAKPOINT\Local Storage\leveldb\CURRENTEXCEPTION_DATATYPE_MISALIGNMENTEXCEPTION_FLT_INEXACT_RESULTGETEXCEPTION_IN_PAGE_ERRORdQw4w9WgXcQEXCEPTION_SINGLE_STEPGdipCreateBitmapFromHBITMAPEXCEPTION_INT_DIVIDE_BY_ZEROEXCEPTION_FLT_DIVIDE_BY_ZEROEXCEPTION_NONCONTINUABLE_EXCEPTIONUNKNOWN EXCEPTIONEXCEPTION_INVALID_DISPOSITIONEXCEPTION_PRIV_INSTRUCTIONEXCEPTION_ILLEGAL_INSTRUCTIONEXCEPTION_FLT_INVALID_OPERATIONEXCEPTION_ACCESS_VIOLATIONEXCEPTION_FLT_STACK_CHECKEXCEPTION_FLT_DENORMAL_OPERANDEXCEPTION_ARRAY_BOUNDS_EXCEEDED%d MBIndexedDBOCALAPPDATA?<Host><Port><User><Pass encoding="base64">http://localhost:"webSocketDebuggerUrl":6^userContextId=4294967295465 79 41 69 64 48 6C 77 49 6A 6F 67 49 6B 70 58 56 43 49 73ws://localhost:9223.metadata-v2comctl32gdi32:225121Windows 11HTTP/1.1HARDWARE\DESCRIPTION\System\CentralProcessor\0abcdefgh
            Source: Binary string: C:\Users\Administrator\Desktop\vdr1\Release\vdr1.pdbA source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626999129.000000000A06A000.00000004.00001000.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3121566188.00000000025D9000.00000002.00000400.00020000.00000000.sdmp
            Source: Binary string: vdr1.pdb source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626999129.000000000A06A000.00000004.00001000.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3121566188.00000000025D9000.00000002.00000400.00020000.00000000.sdmp
            Source: Binary string: BitLockerToGo.pdb source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A2DC000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: BitLockerToGo.pdbGCTL source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A2DC000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\Users\Administrator\Desktop\vdr1\Release\vdr1.pdb source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626999129.000000000A06A000.00000004.00001000.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3121566188.00000000025D9000.00000002.00000400.00020000.00000000.sdmp
            Source: Binary string: {"id":1,"method":"Storage.getCookies"}|.tgz.gzSecurityHistoryWork Dir: In memorySOFTWARE\Microsoft\Cryptographyfirefox%08lX%04lX%lu_key.txtSoft\Steam\steam_tokens.txt\Discord\tokens.txtpasswords.txtinformation.txtlocalhostWebSocketClient" & exitGdipGetImageHeightSoftGdipGetImagePixelFormatN0ZWFt\Monero\wallet.keysAzure\.awsstatusWallets_CreateProcessGdipGetImageEncodershttpsSoftware\Martin Prikryl\WinSCP 2\SessionsPlugins/devtoolsprefs.jsLocal Extension SettingsSync Extension SettingsFilescookiesCookies\BraveWallet\Preferenceskey_datas%s\%s\%sPortNumberCurrentBuildNumberGdiplusStartup.zipGdipCreateHBITMAPFromBitmapOpera Crypto.zooUnknownGdiplusShutdown/json_logins.jsoninvalid string positionSoftware\Martin Prikryl\WinSCP 2\ConfigurationDisplayVersionSOFTWARE\Microsoft\Windows NT\CurrentVersionopentokenamcommunity.comTelegramSoftware\Valve\SteamGdipSaveImageToStreamGdipLoadImageFromStream\AppData\Roaming\FileZilla\recentservers.xml.dllSOFTWARE\Microsoft\Windows\CurrentVersion\Uninstallapprove_aprilNetworkblock.arjprofiles.ini.lzhGdipGetImageWidthwallet_pathSteamPathscreenshot.jpgstring too longvector<T> too longProcessorNameStringloginusers.vdflibraryfolders.vdfconfig.vdfDialogConfig.vdfDialogConfigOverlay*.vdfGdipGetImageEncodersSizesteam.exeC:\Windows\system32\cmd.exeC:\Windows\system32\rundll32.exeBravetrueformhistory.sqlitecookies.sqliteplaces.sqliteLocal StatefalseAzure\.azureSOFTWARE\monero-project\monero-corechromefile_nameDisplayNameHostNameProductNameUserNameGdipSaveImageToFilemsal.cacheGdipDisposeImagemodeAzure\.IdentityServiceUseMasterPasswordhwidMachineGuidtask_idbuild_idCrash DetectedDisabled%dx%d%d/%d/%d %d:%d:%d.arcvdr1.pdb\Local Storage\leveldb_0.indexeddb.leveldb_formhistory.db_history.db_cookies.db_passwords.db_webdata.db_key4.db\key4.dbfile_dataLogin DataWeb DataoperaOperachrome-extension_[Processes][Software]\storage\default\\.aws\errors\\Telegram Desktop\\Steam\\config\\.azure\ Stable\\.IdentityService\\discord\/c timeout /t 10 & rd /s /q "C:\ProgramData\" & rd /s /q "C:\ProgramData\\..\.ZDISPLAYOpera GXEXCEPTION_INT_OVERFLOWEXCEPTION_FLT_OVERFLOWEXCEPTION_STACK_OVERFLOWEXCEPTION_FLT_UNDERFLOWPOSTEXCEPTION_BREAKPOINT\Local Storage\leveldb\CURRENTEXCEPTION_DATATYPE_MISALIGNMENTEXCEPTION_FLT_INEXACT_RESULTGETEXCEPTION_IN_PAGE_ERRORdQw4w9WgXcQEXCEPTION_SINGLE_STEPGdipCreateBitmapFromHBITMAPEXCEPTION_INT_DIVIDE_BY_ZEROEXCEPTION_FLT_DIVIDE_BY_ZEROEXCEPTION_NONCONTINUABLE_EXCEPTIONUNKNOWN EXCEPTIONEXCEPTION_INVALID_DISPOSITIONEXCEPTION_PRIV_INSTRUCTIONEXCEPTION_ILLEGAL_INSTRUCTIONEXCEPTION_FLT_INVALID_OPERATIONEXCEPTION_ACCESS_VIOLATIONEXCEPTION_FLT_STACK_CHECKEXCEPTION_FLT_DENORMAL_OPERANDEXCEPTION_ARRAY_BOUNDS_EXCEEDED%d MBIndexedDBOCALAPPDATA?<Host><Port><User><Pass encoding="base64">http://localhost:"webSocketDebuggerUrl":6^userContextId=4294967295465 79 41 69 64 48 6C 77 49 6A 6F 67 49 6B 70 58 56 43 49 73ws://localhost:9223.metadata-v2comctl32gdi32:225121Windows 11HTTP/1.1HARDWARE\DESCRIPTION\System\CentralProcessor\0abcdefghi
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D2A5D FindFirstFileA,10_2_025D2A5D
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025CA69C FindFirstFileA,CopyFileA,DeleteFileA,FindNextFileA,10_2_025CA69C
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C7891 FindFirstFileA,CopyFileA,CopyFileA,FindNextFileA,10_2_025C7891
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C8776 FindFirstFileA,FindNextFileA,10_2_025C8776
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D3B10 FindFirstFileA,FindNextFileA,10_2_025D3B10
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C13DA FindFirstFileA,10_2_025C13DA
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D1BD2 FindFirstFileA,10_2_025D1BD2
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C6784 FindFirstFileA,CopyFileA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,10_2_025C6784
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D1187 FindFirstFileA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileA,10_2_025D1187
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D1722 GetLogicalDriveStringsA,GetDriveTypeA,10_2_025D1722
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
            Source: chrome.exeMemory has grown: Private usage: 8MB later: 28MB

            Networking

            barindex
            Suricata IDS alerts for network traffic
            Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M1 : 192.168.2.6:50004 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859378 - Severity 1 - ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M2 : 192.168.2.6:50003 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50008 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50007 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 88.99.124.230:443 -> 192.168.2.6:50006
            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 88.99.124.230:443 -> 192.168.2.6:50005
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50060 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50039 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50043 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50043 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50042 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50042 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50079 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50079 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50083 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50083 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50044 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50106 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50106 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50125 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50125 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50041 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50041 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50146 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50146 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50150 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50151 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.6:50144 -> 88.99.124.230:443
            Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.6:50144 -> 88.99.124.230:443
            C2 URLs / IPs found in malware configuration
            Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199825403037
            Source: global trafficHTTP traffic detected: GET /b4cha00 HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
            Source: Joe Sandbox ViewIP Address: 2.22.242.11 2.22.242.11
            Source: Joe Sandbox ViewIP Address: 20.189.173.13 20.189.173.13
            Source: Joe Sandbox ViewIP Address: 18.244.18.27 18.244.18.27
            Source: Joe Sandbox ViewIP Address: 149.154.167.99 149.154.167.99
            Source: Joe Sandbox ViewIP Address: 149.154.167.99 149.154.167.99
            Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
            Source: Joe Sandbox ViewJA3 fingerprint: 6271f898ce5be7dd52b0fc260d0662b3
            Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
            Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
            Source: unknownHTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49843 version: TLS 1.0
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 40.113.103.199
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 104.70.121.193
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.13
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C3C79 InternetOpenA,InternetConnectA,HttpOpenRequestA,HttpSendRequestA,InternetReadFile,10_2_025C3C79
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239400980050_1PW8OVEXHJX99CZMV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239400980054_1OGDK147FWK2B0UFH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239399109664_12R6JVR4SJZQSTHCV&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239399109665_1344PV668L57B53FJ&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239413729839_1JINKBNNYOPNVJTU3&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239400980054_1OGDK147FWK2B0UFH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239413729840_11OG8M8XRSLP8PKG6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239400980054_1OGDK147FWK2B0UFH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239400980054_1OGDK147FWK2B0UFH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
            Source: global trafficHTTP traffic detected: GET /b4cha00 HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0Host: sailiabot.comConnection: Keep-AliveCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlKHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531 HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"peek","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
            Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/web-worker.8ed343c804e9069b52b4.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.45sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.55", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.150"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-full-version: "117.0.2045.55"sec-ch-dpr: 1ect: 4gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"peek","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=BFBC01FB03414F82BBF1C7652689144F.RefC=2025-02-13T07:36:31Z; USRLOC=; MUID=3AF11E0F011363DE0AF40B9D009962CB; MUIDB=3AF11E0F011363DE0AF40B9D009962CB; _EDGE_S=F=1&SID=21459339A48662E32CF586ABA5696315; _EDGE_V=1
            Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/SSR-extension.1638b09beb9f6d816dd5.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.45sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.55", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.150"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-full-version: "117.0.2045.55"sec-ch-dpr: 1ect: 4gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"peek","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=BFBC01FB03414F82BBF1C7652689144F.RefC=2025-02-13T07:36:31Z; USRLOC=; MUID=3AF11E0F011363DE0AF40B9D009962CB; MUIDB=3AF11E0F011363DE0AF40B9D009962CB; _EDGE_S=F=1&SID=21459339A48662E32CF586ABA5696315; _EDGE_V=1
            Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.f30eb488fb3069c7561f.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
            Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.5da1d823f3d7131a6bff.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
            Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.08f41c6a910607bc8d6a.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
            Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.2c63b8de13b4a7e541d7.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
            Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1739432196244&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=bfbc01fb03414f82bbf1c7652689144f&activityId=bfbc01fb03414f82bbf1c7652689144f&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=3AF11E0F011363DE0AF40B9D009962CB; _EDGE_S=F=1&SID=21459339A48662E32CF586ABA5696315; _EDGE_V=1
            Source: global trafficHTTP traffic detected: GET /b?rn=1739432196245&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3AF11E0F011363DE0AF40B9D009962CB&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
            Source: global trafficHTTP traffic detected: GET /crx/blobs/ASuc5ohfQPNzGo5SSihcSk6msC8CUKw5id-p0KCEkBKwK2LS4AjdrDP0wa1qjzCTaTWEfyM52ADmUAdPETYA5vgD87UPEj6gyG11hjsvMLHGmzQgJ9F5D8s8Lo0Lbai5BQYAxlKa5esPJXukyaicyq83JwZ0HIWqzrjN/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_86_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
            Source: global trafficHTTP traffic detected: GET /b2?rn=1739432196245&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3AF11E0F011363DE0AF40B9D009962CB&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=1EDa5087473a5db798e52101739432198; XID=1EDa5087473a5db798e52101739432198
            Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-GB&title=New+tab&enableForceCache=true HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 10sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.55", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.150"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 150sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-full-version: "117.0.2045.55"sec-ch-dpr: 1ect: 4gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"peek","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_Auth=; pglt-edgeChromium-dhp=547; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=BFBC01FB03414F82BBF1C7652689144F.RefC=2025-02-13T07:36:31Z; USRLOC=; MUID=3AF11E0F011363DE0AF40B9D009962CB; MUIDB=3AF11E0F011363DE0AF40B9D009962CB; _EDGE_S=F=1&SID=21459339A48662E32CF586ABA5696315; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=59981484-a402-4f81-b4f9-3d40ccef31db; ai_session=HHePNL9Dt2MCF1QbUb2lPP|1739432196240|1739432196240; sptmarket_restored=en-GB||us|en-us|en-us|en||cf=8|RefA=BFBC01FB03414F82BBF1C7652689144F.RefC=2025-02-13T07:36:31Z
            Source: global trafficHTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-edge-ntp: {"back_block":0,"bg_cur":{"configIndex":15,"imageId":"BB1msyCI","provider":"CMSImage","userSelected":false},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"peek","layout":1,"quick_links_opt":1,"sel_feed_piv":"myFeed","show_greet":true,"vt_opened":false,"wpo_nx":{"v":"2","wgt":{"src":"default"}}}Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_Auth=; pglt-edgeChromium-dhp=547; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=BFBC01FB03414F82BBF1C7652689144F.RefC=2025-02-13T07:36:31Z; USRLOC=; MUID=3AF11E0F011363DE0AF40B9D009962CB; MUIDB=3AF11E0F011363DE0AF40B9D009962CB; _EDGE_S=F=1&SID=21459339A48662E32CF586ABA5696315; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=59981484-a402-4f81-b4f9-3d40ccef31db; ai_session=HHePNL9Dt2MCF1QbUb2lPP|1739432196240|1739432196240; sptmarket_restored=en-GB||us|en-us|en-us|en||cf=8|RefA=BFBC01FB03414F82BBF1C7652689144F.RefC=2025-02-13T07:36:31Z
            Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1739432196244&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=bfbc01fb03414f82bbf1c7652689144f&activityId=bfbc01fb03414f82bbf1c7652689144f&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=243B752AE63242578C7C139546A30212&MUID=3AF11E0F011363DE0AF40B9D009962CB HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=3AF11E0F011363DE0AF40B9D009962CB; _EDGE_S=F=1&SID=21459339A48662E32CF586ABA5696315; _EDGE_V=1; SM=T
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
            Source: 000003.log0.16.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
            Source: 000003.log0.16.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
            Source: 000003.log0.16.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: %https://www.youtube.com/?feature=ytca equals www.youtube.com (Youtube)
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: @https://www.youtube.com/s/notifications/manifest/cr_install.html equals www.youtube.com (Youtube)
            Source: chrome.exe, 0000000B.00000003.2743744496.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743137331.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743814809.000018A000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
            Source: chrome.exe, 0000000B.00000003.2743744496.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743137331.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743814809.000018A000444000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: const FACEBOOK_APP_ID=738026486351791;class DoodleShareDialogElement extends PolymerElement{static get is(){return"ntp-doodle-share-dialog"}static get template(){return getTemplate$3()}static get properties(){return{title:String,url:Object}}onFacebookClick_(){const url="https://www.facebook.com/dialog/share"+`?app_id=${FACEBOOK_APP_ID}`+`&href=${encodeURIComponent(this.url.url)}`+`&hashtag=${encodeURIComponent("#GoogleDoodle")}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kFacebook)}onTwitterClick_(){const url="https://twitter.com/intent/tweet"+`?text=${encodeURIComponent(`${this.title}\n${this.url.url}`)}`;WindowProxy.getInstance().open(url);this.notifyShare_(DoodleShareChannel.kTwitter)}onEmailClick_(){const url=`mailto:?subject=${encodeURIComponent(this.title)}`+`&body=${encodeURIComponent(this.url.url)}`;WindowProxy.getInstance().navigate(url);this.notifyShare_(DoodleShareChannel.kEmail)}onCopyClick_(){this.$.url.select();navigator.clipboard.writeText(this.url.url);this.notifyShare_(DoodleShareChannel.kLinkCopy)}onCloseClick_(){this.$.dialog.close()}notifyShare_(channel){this.dispatchEvent(new CustomEvent("share",{detail:channel}))}}customElements.define(DoodleShareDialogElement.is,DoodleShareDialogElement);function getTemplate$2(){return html`<!--_html_template_start_--><style include="cr-hidden-style">:host{--ntp-logo-height:200px;display:flex;flex-direction:column;flex-shrink:0;justify-content:flex-end;min-height:var(--ntp-logo-height)}:host([reduced-logo-space-enabled_]){--ntp-logo-height:168px}:host([doodle-boxed_]){justify-content:flex-end}#logo{forced-color-adjust:none;height:92px;width:272px}:host([single-colored]) #logo{-webkit-mask-image:url(icons/google_logo.svg);-webkit-mask-repeat:no-repeat;-webkit-mask-size:100%;background-color:var(--ntp-logo-color)}:host(:not([single-colored])) #logo{background-image:url(icons/google_logo.svg)}#imageDoodle{cursor:pointer;outline:0}#imageDoodle[tabindex='-1']{cursor:auto}:host([doodle-boxed_]) #imageDoodle{background-color:var(--ntp-logo-box-color);border-radius:20px;padding:16px 24px}:host-context(.focus-outline-visible) #imageDoodle:focus{box-shadow:0 0 0 2px rgba(var(--google-blue-600-rgb),.4)}#imageContainer{display:flex;height:fit-content;position:relative;width:fit-content}#image{max-height:var(--ntp-logo-height);max-width:100%}:host([doodle-boxed_]) #image{max-height:160px}:host([doodle-boxed_][reduced-logo-space-enabled_]) #image{max-height:128px}#animation{height:100%;pointer-events:none;position:absolute;width:100%}#shareButton{background-color:var(--ntp-logo-share-button-background-color,none);border:none;height:var(--ntp-logo-share-button-height,0);left:var(--ntp-logo-share-button-x,0);min-width:var(--ntp-logo-share-button-width,0);opacity:.8;outline:initial;padding:2px;position:absolute;top:var(--ntp-logo-share-button-y,0);width:var(--ntp-logo-share-button-width,0)}#shareButton:hover{opacity:1}#shareButton img{height:100%;width:100%}#iframe{border:none;
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/: equals www.youtube.com (Youtube)
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/J equals www.youtube.com (Youtube)
            Source: chrome.exe, 0000000B.00000002.2819532817.000018A0002C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/s/notifications/manifest/cr_install.html equals www.youtube.com (Youtube)
            Source: global trafficDNS traffic detected: DNS query: t.me
            Source: global trafficDNS traffic detected: DNS query: sailiabot.com
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: global trafficDNS traffic detected: DNS query: apis.google.com
            Source: global trafficDNS traffic detected: DNS query: play.google.com
            Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
            Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
            Source: global trafficDNS traffic detected: DNS query: sb.scorecardresearch.com
            Source: global trafficDNS traffic detected: DNS query: assets.msn.com
            Source: global trafficDNS traffic detected: DNS query: c.msn.com
            Source: global trafficDNS traffic detected: DNS query: api.msn.com
            Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
            Source: unknownHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----8q9zuasrq16p8qqi5phlUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0Host: sailiabot.comContent-Length: 256Connection: Keep-AliveCache-Control: no-cache
            Source: chrome.exe, 0000000B.00000002.2822342089.000018A00081C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824193149.000018A000BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3623
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824193149.000018A000BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3624
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824193149.000018A000BC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3625
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/59063
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906M
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906V
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906_
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906l
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141(
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/62487
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
            Source: chrome.exe, 0000000B.00000002.2823315116.000018A000ACC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
            Source: chrome.exe, 0000000B.00000002.2822342089.000018A00081C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488&
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556W
            Source: chrome.exe, 0000000B.00000002.2822342089.000018A00081C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
            Source: chrome.exe, 0000000B.00000002.2822342089.000018A00081C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://clients2.google.com/time/1/current
            Source: chrome.exe, 0000000B.00000002.2821146404.000018A00064C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://clientservices.googleapis.com/chrome-variations/seed?osname=win&channel=stable&milestone=117
            Source: chrome.exe, 0000000B.00000002.2816842485.000018A00005A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://google.com/
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://issuetracker.google.com/200067929
            Source: chrome.exe, 0000000B.00000003.2744623446.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744736696.000018A001070000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744809170.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2745639471.000018A00108C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://jsbin.com/temexa/4.
            Source: chrome.exe, 0000000B.00000003.2744778434.000018A0010C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744623446.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746495850.000018A000FBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746407930.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744736696.000018A001070000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744809170.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746463528.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746431337.000018A000F18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A000390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2745639471.000018A00108C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/AUTHORS.txt
            Source: chrome.exe, 0000000B.00000003.2744778434.000018A0010C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744623446.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746495850.000018A000FBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746407930.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744736696.000018A001070000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744809170.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746463528.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746431337.000018A000F18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A000390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2745639471.000018A00108C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
            Source: chrome.exe, 0000000B.00000003.2744778434.000018A0010C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744623446.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746495850.000018A000FBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746407930.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744736696.000018A001070000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744809170.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746463528.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746431337.000018A000F18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A000390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2745639471.000018A00108C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/LICENSE.txt
            Source: chrome.exe, 0000000B.00000003.2744778434.000018A0010C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744623446.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746495850.000018A000FBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746407930.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744736696.000018A001070000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744809170.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746463528.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746431337.000018A000F18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A000390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2745639471.000018A00108C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://polymer.github.io/PATENTS.txt
            Source: chrome.exe, 0000000B.00000002.2825853092.000018A000E4C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822473895.000018A000870000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://redirector.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUw
            Source: chrome.exe, 0000000B.00000002.2822857917.000018A00098C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/chrome-certs
            Source: chrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://unisolated.invalid/
            Source: chrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://unisolated.invalid/Q
            Source: chrome.exe, 0000000B.00000002.2823100844.000018A000A24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.gstatic.com/generate_204
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, 6xt0ri.10.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accountcapabilities-pa.googleapis.com/
            Source: chrome.exe, 0000000B.00000002.2817491533.000018A00008C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accountcapabilities-pa.googleapis.com/v1/accountcapabilities:batchGet
            Source: chrome.exe, 0000000B.00000002.2820195734.000018A0004B0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819886036.000018A0003B0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com
            Source: chrome.exe, 0000000B.00000002.2816481381.000018A00000C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/AddSession
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/GetCheckConnectionInfo
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/ListAccounts?json=standard
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/Logout
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/MergeSession
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/OAuthLogin
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/RotateBoundCookies
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport/allowlist
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/_/IdentityListAccountsHttp/cspreport/fine-allowlist
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/chrome/blank.html
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/chrome/blank.htmlB
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/reauth/chromeos
            Source: chrome.exe, 0000000B.00000002.2817908177.000018A0000A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenu
            Source: chrome.exe, 0000000B.00000002.2817908177.000018A0000A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/kidsignin/chromeos
            Source: chrome.exe, 0000000B.00000002.2817908177.000018A0000A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/kidsignup/chromeos
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/v2/chromeos
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/windows
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/xreauth/chrome
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/encryption/unlock/desktop
            Source: chrome.exe, 0000000B.00000002.2817491533.000018A00008C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/encryption/unlock/desktop?kdi=CAIaDgoKY2hyb21lc3luYxAB
            Source: chromecache_511.13.drString found in binary or memory: https://accounts.google.com/o/oauth2/auth
            Source: chromecache_511.13.drString found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/o/oauth2/revoke
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/oauth/multilogin
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/signin/chrome/sync?ssp=1
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com:443
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aida.googleapis.com/v1/aida:doConversation2
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161e
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
            Source: chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847%
            Source: chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
            Source: chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmp, chromecache_511.13.dr, chromecache_512.13.drString found in binary or memory: https://apis.google.com
            Source: msedge.exe, 0000000F.00000002.2944760896.0000026DB274F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta
            Source: chrome.exe, 0000000B.00000002.2826696592.000018A00100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820436132.000018A000518000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://calendar.google.com/calendar/u/0/r/eventedit?usp=chrome_actions
            Source: chrome.exe, 0000000B.00000002.2824530857.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741305497.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746648147.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766074819.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2760486164.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2800046500.000018A000C50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.ico
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, 6xt0ri.10.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
            Source: offscreendocument_main.js.16.dr, service_worker_bin_prod.js.16.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/mathjax/
            Source: chrome.exe, 0000000B.00000002.2824628657.000018A000C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.ico
            Source: chrome.exe, 0000000B.00000002.2824628657.000018A000C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icofrom_play_api
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
            Source: chrome.exe, 0000000B.00000002.2824577418.000018A000C68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/search
            Source: chrome.exe, 0000000B.00000002.2823504802.000018A000B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/search?ei=&fr=crmas&p=
            Source: chrome.exe, 0000000B.00000002.2823504802.000018A000B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/search?ei=&fr=crmas&p=searchTerms
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2817491533.000018A00008C000.00000004.00000800.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
            Source: chrome.exe, 0000000B.00000003.2734527511.000018A0004BC000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000002.2947987304.0000718402394000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
            Source: manifest.json.16.drString found in binary or memory: https://chrome.google.com/webstore/
            Source: chrome.exe, 0000000B.00000002.2821111330.000018A000620000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore206E5
            Source: chrome.exe, 0000000B.00000002.2824245116.000018A000BE4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2827012775.000018A001128000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2827042684.000018A001140000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2823100844.000018A000A24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore?hl=en
            Source: chrome.exe, 0000000B.00000002.2824245116.000018A000BE4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2827012775.000018A001128000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore?hl=enZ
            Source: chrome.exe, 0000000B.00000003.2742996041.000018A000CC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740497335.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739496364.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2742964496.000018A000F88000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2751669857.000018A000CC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741154299.000018A000CC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2742156571.000018A000490000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstoreLDDiscover
            Source: chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymity-pa.googleapis.com/
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymity-pa.googleapis.com/2%
            Source: chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/2$
            Source: chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/KAnonymityServiceJoinRelayServerhttps://chromekanonym
            Source: chrome.exe, 0000000B.00000003.2731813027.00006CF400684000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/2O
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromereporting-pa.googleapis.com/v1/events
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromereporting-pa.googleapis.com/v1/record
            Source: chrome.exe, 0000000B.00000002.2816642761.000018A000028000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000002.2947987304.0000718402394000.00000004.00000800.00020000.00000000.sdmp, manifest.json.16.drString found in binary or memory: https://chromewebstore.google.com/
            Source: chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromium-i18n.appspot.com/ssl-aggregate-address/
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://classroom.googleapis.com/
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://classroom.googleapis.com/g
            Source: chrome.exe, 0000000B.00000003.2727657380.00003978002E4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2727632981.00003978002D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/cr/report
            Source: chrome.exe, 0000000B.00000002.2821336739.000018A0006D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/c
            Source: chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2734527511.000018A0004BC000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000002.2947171013.0000718402240000.00000004.00000800.00020000.00000000.sdmp, manifest.json0.16.drString found in binary or memory: https://clients2.google.com/service/update2/crx
            Source: chrome.exe, 0000000B.00000002.2822857917.000018A00098C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients3.google.com/cast/chromecast/home/wallpaper/collection-images?rt=b
            Source: chrome.exe, 0000000B.00000002.2822857917.000018A00098C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients3.google.com/cast/chromecast/home/wallpaper/collections?rt=b
            Source: chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients3.google.com/cast/chromecast/home/wallpaper/image?rt=b
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients4.google.com/chrome-sync
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients4.google.com/chrome-sync/event
            Source: chromecache_511.13.drString found in binary or memory: https://clients6.google.com
            Source: chrome.exe, 0000000B.00000002.2821146404.000018A00064C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clientservices.googleapis.com/chrome-variations/seed?osname=win&channel=stable&milestone=117
            Source: chromecache_511.13.drString found in binary or memory: https://content.googleapis.com
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
            Source: chrome.exe, 0000000B.00000002.2821597699.000018A000740000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/gws/cdt1
            Source: chrome.exe, 0000000B.00000002.2823265992.000018A000AAC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/report-to/gws/none
            Source: chrome.exe, 0000000B.00000002.2819634607.000018A000308000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.
            Source: manifest.json0.16.drString found in binary or memory: https://docs.google.com/
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/:
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/?usp=installed_webapp
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/J
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/d/1z2sdBwnUF2tSlhl3R2iUlk7gvmSbuLVXOgriPIcJkXQ/preview2K
            Source: chrome.exe, 0000000B.00000002.2819532817.000018A0002C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/installwebapp?usp=chrome_default
            Source: chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/u/0/create?usp=chrome_actions
            Source: chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824662396.000018A000C84000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/forms/u/0/create?usp=chrome_actions
            Source: chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824662396.000018A000C84000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/forms/u/0/create?usp=chrome_actionsy
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/:
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/?usp=installed_webapp
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/J
            Source: chrome.exe, 0000000B.00000002.2819532817.000018A0002C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/installwebapp?usp=chrome_default
            Source: chrome.exe, 0000000B.00000002.2826696592.000018A00100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820436132.000018A000518000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/u/0/create?usp=chrome_actions
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/:
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/?usp=installed_webapp
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/J
            Source: chrome.exe, 0000000B.00000002.2819532817.000018A0002C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/installwebapp?usp=chrome_default
            Source: chrome.exe, 0000000B.00000002.2826696592.000018A00100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820436132.000018A000518000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/u/0/create?usp=chrome_actions
            Source: chromecache_511.13.drString found in binary or memory: https://domains.google.com/suggest/flow
            Source: manifest.json0.16.drString found in binary or memory: https://drive-autopush.corp.google.com/
            Source: manifest.json0.16.drString found in binary or memory: https://drive-daily-0.corp.google.com/
            Source: chrome.exe, 0000000B.00000002.2819634607.000018A000308000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-1.corp.google.c
            Source: manifest.json0.16.drString found in binary or memory: https://drive-daily-1.corp.google.com/
            Source: manifest.json0.16.drString found in binary or memory: https://drive-daily-2.corp.google.com/
            Source: chrome.exe, 0000000B.00000002.2819634607.000018A000308000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-daily-3.corp.googl
            Source: manifest.json0.16.drString found in binary or memory: https://drive-daily-3.corp.google.com/
            Source: manifest.json0.16.drString found in binary or memory: https://drive-daily-4.corp.google.com/
            Source: manifest.json0.16.drString found in binary or memory: https://drive-daily-5.corp.google.com/
            Source: manifest.json0.16.drString found in binary or memory: https://drive-daily-6.corp.google.com/
            Source: manifest.json0.16.drString found in binary or memory: https://drive-preprod.corp.google.com/
            Source: manifest.json0.16.drString found in binary or memory: https://drive-staging.corp.google.com/
            Source: chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive-thirdparty.googleusercontent.com/32/type/
            Source: manifest.json0.16.drString found in binary or memory: https://drive.google.com/
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/:
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/?lfhs=2
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/J
            Source: chrome.exe, 0000000B.00000002.2819782938.000018A000380000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/drive/installwebapp?usp=chrome_default
            Source: chrome.exe, 0000000B.00000002.2824628657.000018A000C74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?q=
            Source: chrome.exe, 0000000B.00000002.2821210354.000018A00068C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?q=searchTerms
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drString found in binary or memory: https://duckduckgo.com/ac/?q=
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822473895.000018A000870000.00000004.00000800.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
            Source: chrome.exe, 0000000B.00000002.2822473895.000018A000870000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.ico
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
            Source: HubApps Icons.16.dr, 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://excel.new?from=EdgeM365Shoreline
            Source: chrome.exe, 0000000B.00000003.2731813027.00006CF400684000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/2J
            Source: chrome.exe, 0000000B.00000003.2731813027.00006CF400684000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-join.fastly-edge.com/gj
            Source: chrome.exe, 0000000B.00000003.2731813027.00006CF400684000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/2P
            Source: chrome.exe, 0000000B.00000003.2731813027.00006CF400684000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/https://chromekanonymityquery-pa.googleapis.com/Ena
            Source: chrome.exe, 0000000B.00000003.2731813027.00006CF400684000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/https://chromekanonymityquery-pa.googleapis.com/htt
            Source: chrome.exe, 0000000B.00000003.2731813027.00006CF400684000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-query.fastly-edge.com/https://chromekanonymityquery-pa.googleapis.com/l
            Source: chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2767675930.000018A001A7C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2767639702.000018A001A78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2767722812.000018A001A80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/b
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google-ohttp-relay-safebrowsing.fastly-edge.com/bJ
            Source: msedge.exe, 0000000F.00000002.2948402913.00007184025A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/googleapis.com
            Source: chrome.exe, 0000000B.00000002.2821069288.000018A00060C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://googleusercontent.com/
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs27
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://goto.google.com/sme-bugs2e
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/161903006
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/166809097
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/184850002
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/187425444
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/220069903
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/229267970
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/250706693
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/253522366
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/255411748
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/258207403
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/274859104
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/284462263
            Source: chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
            Source: chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://keep.google.com/u/0/?usp=chrome_actions#NEWNOTE
            Source: chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://keep.google.com/u/0/?usp=chrome_actions#NEWNOTEkly
            Source: chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://keep.google.com/u/0/?usp=chrome_actions#NEWNOTEklyhttps://sites.google.com/u/0/create?usp=ch
            Source: chrome.exe, 0000000B.00000002.2832468362.00006CF400770000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2
            Source: chrome.exe, 0000000B.00000002.2830367954.00006CF400238000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2767074758.000018A001994000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2832468362.00006CF400770000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboard2
            Source: chrome.exe, 0000000B.00000003.2731513443.00006CF40039C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboardb
            Source: chrome.exe, 0000000B.00000002.2832468362.00006CF400770000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboardhttps://labs.google.com/search/experiments
            Source: chrome.exe, 0000000B.00000002.2830367954.00006CF400238000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2832468362.00006CF400770000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiment/2/springboardl
            Source: chrome.exe, 0000000B.00000002.2832468362.00006CF400770000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search/experiments
            Source: chrome.exe, 0000000B.00000002.2819978645.000018A00040C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://labs.google.com/search?source=ntp
            Source: chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/upload
            Source: chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/uploadbyurl
            Source: chrome.exe, 0000000B.00000003.2732084621.00006CF4006EC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2832428156.00006CF400744000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload
            Source: chrome.exe, 0000000B.00000003.2731273543.00006CF400390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/upload2
            Source: chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/uploadSidePanelCompanionDesktopM116Plus
            Source: chrome.exe, 0000000B.00000002.2832551078.00006CF40078C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/uploadSidePanelCompanionDesktopM116PlusEnabled_UnPinned_NewTab_20230918
            Source: chrome.exe, 0000000B.00000002.2832428156.00006CF400744000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lens.google.com/v3/uploadcompanion-iph-blocklisted-page-urlsexps-registration-success-page-u
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lensfrontend-pa.googleapis.com/v1/crupload2
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://m.google.com/devicemanagement/data/api
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/:
            Source: chrome.exe, 0000000B.00000002.2819978645.000018A00040C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?tab=rm&amp;ogbl
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?usp=installed_webapp
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/J
            Source: chrome.exe, 0000000B.00000002.2819782938.000018A000380000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/installwebapp?usp=chrome_default
            Source: msedge.exe, 0000000F.00000002.2948402913.00007184025A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
            Source: msedge.exe, 0000000F.00000002.2948402913.00007184025A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
            Source: Cookies.18.drString found in binary or memory: https://msn.comXID/
            Source: Cookies.18.drString found in binary or memory: https://msn.comXIDv10
            Source: chrome.exe, 0000000B.00000002.2826696592.000018A00100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820436132.000018A000518000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/?utm_source=ga-chrome-actions&utm_medium=manageGA
            Source: chrome.exe, 0000000B.00000003.2741075067.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743814809.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739496364.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822779063.000018A000938000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820131458.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A00048C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/data-and-privacy?utm_source=ga-chrome-actions&utm_medium=managePrivacy
            Source: chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/data-and-privacy?utm_source=ga-chrome-actions&utm_medium=managePrivacyf
            Source: chrome.exe, 0000000B.00000003.2741075067.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743814809.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824577418.000018A000C68000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739496364.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822779063.000018A000938000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820131458.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A00048C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/find-your-phone?utm_source=ga-chrome-actions&utm_medium=findYourPhone
            Source: chrome.exe, 0000000B.00000002.2824577418.000018A000C68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/find-your-phone?utm_source=ga-chrome-actions&utm_medium=findYourPhoneaf
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/shielded-email2B
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/shielded-email?utm_source=chrome2B
            Source: chrome.exe, 0000000B.00000003.2741075067.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743814809.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821371131.000018A0006E8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739496364.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822779063.000018A000938000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820131458.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A00048C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myaccount.google.com/signinoptions/password?utm_source=ga-chrome-actions&utm_medium=changePW
            Source: chrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A0003AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://myactivity.google.com/
            Source: 000003.log8.16.dr, 2cc80dabc69f58b6_0.16.drString found in binary or memory: https://ntp.msn.com
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oauthaccountmanager.googleapis.com/
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oauthaccountmanager.googleapis.com/v1/issuetoken
            Source: msedge.exe, 0000000F.00000002.2948402913.00007184025A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
            Source: chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogads-pa.googleapis.com
            Source: chrome.exe, 0000000B.00000002.2819634607.000018A000308000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2823199441.000018A000A68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com
            Source: chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/app/so?eom=1
            Source: chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ogs.google.com/widget/callout?eom=1
            Source: chrome.exe, 0000000B.00000002.2821371131.000018A0006E8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826625857.000018A000FF0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2823343653.000018A000AFE000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1&target=OPTIMIZATION_TARGET_PAGE_TOPICS_
            Source: chrome.exe, 0000000B.00000002.2826341718.000018A000EF0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822714608.000018A000914000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2818076629.000018A0000E0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2823265992.000018A000AAC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1673999601&target=OPTIMIZATION_TARGET_PAG
            Source: chrome.exe, 0000000B.00000002.2826490894.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743614685.000018A000A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826190555.000018A000EBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1678906374&target=OPTIMIZATION_TARGET_OMN
            Source: chrome.exe, 0000000B.00000002.2826490894.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743614685.000018A000A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1679317318&target=OPTIMIZATION_TARGET_LAN
            Source: chrome.exe, 0000000B.00000002.2816481381.000018A00000C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826490894.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743614685.000018A000A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695049402&target=OPTIMIZATION_TARGET_GEO
            Source: chrome.exe, 0000000B.00000002.2819573759.000018A0002E0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826490894.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743614685.000018A000A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826625857.000018A000FF0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2825628735.000018A000DE0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695049414&target=OPTIMIZATION_TARGET_NOT
            Source: chrome.exe, 0000000B.00000002.2826490894.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743614685.000018A000A18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826625857.000018A000FF0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=1695051229&target=OPTIMIZATION_TARGET_PAG
            Source: chrome.exe, 0000000B.00000002.2826190555.000018A000EBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743744496.000018A000F78000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761378703.000018A000F78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/downloads?name=210230727&target=OPTIMIZATION_TARGET_CLIE
            Source: chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://optimizationguide-pa.googleapis.com/v1:GetHints
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
            Source: msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
            Source: chrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A0003AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.google.com/settings?referrer=CHROME_NTP
            Source: chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.google.com?referrer=CHROME_NTP
            Source: chrome.exe, 0000000B.00000002.2826190555.000018A000EBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2827012775.000018A001128000.00000004.00000800.00020000.00000000.sdmp, chromecache_512.13.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
            Source: chromecache_511.13.drString found in binary or memory: https://plus.google.com
            Source: chromecache_511.13.drString found in binary or memory: https://plus.googleapis.com
            Source: chrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A0003AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://policies.google.com/
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.gcp.privacysandboxservices.com
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.aws.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://publickeyservice.pa.gcp.privacysandboxservices.com/.well-known/protected-auction/v1/public-k
            Source: chrome.exe, 0000000B.00000002.2817491533.000018A00008C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/clientreport/chrome-sct-auditing
            Source: BitLockerToGo.exe, 0000000A.00000003.2636513106.000000000294B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com
            Source: BitLockerToGo.exe, 0000000A.00000003.2722762019.0000000002958000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2814287289.0000000002955000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com/
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2692632286.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2663837938.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2650464616.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com/(b2
            Source: BitLockerToGo.exe, 0000000A.00000003.2692632286.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2663837938.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2650464616.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com/=b
            Source: BitLockerToGo.exe, 0000000A.00000003.2650464616.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com/_b
            Source: BitLockerToGo.exe, 0000000A.00000003.2663837938.000000000290F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com/g
            Source: BitLockerToGo.exe, 0000000A.00000003.2731100419.0000000002955000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2722762019.0000000002958000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com/k
            Source: BitLockerToGo.exe, 0000000A.00000003.2692632286.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2663837938.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2650464616.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com/nbx
            Source: BitLockerToGo.exe, 0000000A.00000003.2731100419.0000000002955000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2814287289.0000000002955000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com3
            Source: BitLockerToGo.exe, 0000000A.00000003.2814287289.0000000002955000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.com;
            Source: BitLockerToGo.exe, 0000000A.00000003.2663837938.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.comK
            Source: BitLockerToGo.exe, 0000000A.00000003.2731100419.0000000002955000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2814287289.0000000002955000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.comS
            Source: BitLockerToGo.exe, 0000000A.00000003.2731100419.0000000002955000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sailiabot.comc
            Source: chrome.exe, 0000000B.00000002.2817908177.000018A0000A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sctauditing-pa.googleapis.com/v1/knownscts/length/$1/prefix/$2?key=AIzaSyBOti4mM-6x9WDnZIjIe
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://securitydomain-pa.googleapis.com/v1/
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.com2
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.comJv
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shieldedids-pa.googleapis.comb
            Source: chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sites.google.com/u/0/create?usp=chrome_actions
            Source: chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sites.google.com/u/0/create?usp=chrome_actionsactions
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com
            Source: chrome.exe, 0000000B.00000002.2819978645.000018A00040C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com/gb/images/bar/al-icon.png
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626999129.000000000A078000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3121610773.00000000025DD000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199825403037
            Source: BitLockerToGo.exe, 0000000A.00000002.3121610773.00000000025DD000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199825403037oomaino5Mozilla/5.0
            Source: BitLockerToGo.exe, 0000000A.00000002.3126700949.00000000058F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
            Source: BitLockerToGo.exe, 0000000A.00000002.3126700949.00000000058F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028D8000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2650464616.0000000002908000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2636537817.0000000002908000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2636513106.000000000294B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/b4cha00
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/b4cha00k
            Source: BitLockerToGo.exe, 0000000A.00000002.3121610773.00000000025DD000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://t.me/b4cha00oomaino5Mozilla/5.0
            Source: chrome.exe, 0000000B.00000002.2823100844.000018A000A24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://t0.gstatic.com/faviconV2
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tasks.googleapis.com/
            Source: BitLockerToGo.exe, 0000000A.00000003.2636537817.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028D8000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2636626047.0000000002948000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2636513106.000000000294B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.org
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://word.new?from=EdgeM365Shoreline
            Source: chromecache_511.13.drString found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821111330.000018A000620000.00000004.00000800.00020000.00000000.sdmp, 6xt0ri.10.drString found in binary or memory: https://www.ecosia.org/newtab/
            Source: chrome.exe, 0000000B.00000002.2824530857.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741305497.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746648147.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766074819.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2760486164.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2800046500.000018A000C50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=
            Source: chrome.exe, 0000000B.00000002.2824530857.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741305497.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746648147.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766074819.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2760486164.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2800046500.000018A000C50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearch
            Source: chrome.exe, 0000000B.00000002.2824530857.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741305497.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746648147.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766074819.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2760486164.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2800046500.000018A000C50000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearchn=opensearch
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com;report-uri
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
            Source: chrome.exe, 0000000B.00000003.2734527511.000018A0004BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
            Source: chrome.exe, 0000000B.00000002.2816481381.000018A00000C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/Char
            Source: chrome.exe, 0000000B.00000002.2822342089.000018A00081C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/Charii3
            Source: chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/async/ddljson?async=ntp:2
            Source: chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/async/ddljson?async=ntp:2H
            Source: chrome.exe, 0000000B.00000002.2817405318.000018A000080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/async/newtab_
            Source: chrome.exe, 0000000B.00000002.2817405318.000018A000080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/async/newtab_b?h
            Source: chrome.exe, 0000000B.00000002.2827080834.000018A001154000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/async/newtab_promos
            Source: content.js.16.dr, content_new.js.16.drString found in binary or memory: https://www.google.com/chrome
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/go-mobile/?ios-campaign=desktop-chr-ntp&android-campaign=desktop-chr-n
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/hats/index.htmlb
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2825440888.000018A000D74000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822182680.000018A0007E8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822820522.000018A00096C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/tips/
            Source: chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2825440888.000018A000D74000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822182680.000018A0007E8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822820522.000018A00096C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/tips/gs
            Source: BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820436132.000018A000518000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824193149.000018A000BC4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821111330.000018A000620000.00000004.00000800.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
            Source: chrome.exe, 0000000B.00000002.2819978645.000018A00040C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/imghp?hl=en&amp;tab=ri&amp;ogbl
            Source: chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/intl/en/about/products?tab=rh
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
            Source: chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?q=$
            Source: chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/tools/feedback/chrome/__submit
            Source: chrome.exe, 0000000B.00000002.2823134636.000018A000A34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/undo
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.comAccess-Control-Allow-Credentials:
            Source: chrome.exe, 0000000B.00000002.2816481381.000018A00000C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/aida2
            Source: chromecache_511.13.drString found in binary or memory: https://www.googleapis.com/auth/plus.me
            Source: chromecache_511.13.drString found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager2
            Source: chrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/auth/shieldedids.manager23
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/oauth2/v1/userinfo
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/oauth2/v2/tokeninfo
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/oauth2/v4/token
            Source: chrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/reauth/v1beta/users/
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com
            Source: chrome.exe, 0000000B.00000003.2757051310.000018A000294000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com
            Source: chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/chrome/intelligence/assist/ranker/models/translate/2017/03/translate_ranker_
            Source: chrome.exe, 0000000B.00000003.2761727309.000018A00141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/1x/broken_image_grey600_18dp.png
            Source: chrome.exe, 0000000B.00000003.2763656606.000018A001378000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761778275.000018A001424000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761618690.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763372996.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761000110.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763798754.000018A00143C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2827517155.000018A0013B4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2761727309.000018A00141C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/images/icons/material/system/2x/broken_image_grey600_18dp.png
            Source: chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2818076629.000018A0000E0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Bvq7OK2_7ZA.2019.O/rt=j/m=q_dnp
            Source: chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/og/_/ss/k=og.qtm.S4XVq7ljTQU.L.W.O/m=qmd
            Source: BitLockerToGo.exe, 0000000A.00000002.3126700949.00000000058F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.bwSC1pmG_zle
            Source: BitLockerToGo.exe, 0000000A.00000002.3126700949.00000000058F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.hjKdHaZH-dbQ
            Source: BitLockerToGo.exe, 0000000A.00000002.3126700949.00000000058F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.office.com
            Source: 3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drString found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/:
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/?feature=ytca
            Source: chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/J
            Source: chrome.exe, 0000000B.00000002.2819532817.000018A0002C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/s/notifications/manifest/cr_install.html
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
            Source: unknownNetwork traffic detected: HTTP traffic on port 50154 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
            Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50102 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50125 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50085 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50148 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
            Source: unknownNetwork traffic detected: HTTP traffic on port 50091 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
            Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
            Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
            Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
            Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
            Source: unknownNetwork traffic detected: HTTP traffic on port 50015 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50147 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
            Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50085
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
            Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50087
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
            Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50090
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50094
            Source: unknownNetwork traffic detected: HTTP traffic on port 50136 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50153 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50139
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
            Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50138
            Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
            Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
            Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50137
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50136
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
            Source: unknownNetwork traffic detected: HTTP traffic on port 50144 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49893
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50144
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50143
            Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50146
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50145
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50148
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50147
            Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50151
            Source: unknownNetwork traffic detected: HTTP traffic on port 50138 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50150
            Source: unknownNetwork traffic detected: HTTP traffic on port 50155 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
            Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50153
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50155
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50154
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50157
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50158
            Source: unknownNetwork traffic detected: HTTP traffic on port 50005 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
            Source: unknownNetwork traffic detected: HTTP traffic on port 50137 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
            Source: unknownNetwork traffic detected: HTTP traffic on port 50066 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50089 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50043
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
            Source: unknownNetwork traffic detected: HTTP traffic on port 50109 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50126 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50145 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50007 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50139 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50151 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
            Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
            Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50102
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50101
            Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50128 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50088 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50117
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50116
            Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50076 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50043 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50127 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50007
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50128
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50006
            Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50127
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50008
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50129
            Source: unknownNetwork traffic detected: HTTP traffic on port 50150 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50003
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50124
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50002
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50123
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50005
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50004
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50125
            Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50158 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50003 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50087 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50064 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50117 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50008 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
            Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50124 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50092 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
            Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50146 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50157 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
            Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
            Source: unknownNetwork traffic detected: HTTP traffic on port 50101 -> 443
            Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:49864 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49893 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49894 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49901 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49900 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.6:50000 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 88.99.124.230:443 -> 192.168.2.6:50002 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50015 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50155 version: TLS 1.2
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C5AD3 CreateDesktopA,CreateProcessA,Sleep,10_2_025C5AD3

            System Summary

            barindex
            Malicious sample detected (through community Yara rule)
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a1e0000.5.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a220000.1.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.raw.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a220000.1.raw.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 10.2.BitLockerToGo.exe.25c0000.0.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a200000.2.raw.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a200000.2.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a1e0000.5.raw.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 00000000.00000002.2631135826.000000000A200000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Metasploit Payloads - file msf.war - contents Author: Florian Roth
            Source: 00000000.00000002.2631135826.000000000A240000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: 00000000.00000002.2631135826.000000000A1E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C4B3F10_2_025C4B3F
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D7D5610_2_025D7D56
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D514710_2_025D5147
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025CAF7E10_2_025CAF7E
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D71E110_2_025D71E1
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D53AF10_2_025D53AF
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A2DC000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenameBITLOCKERTOGO.EXEj% vs SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE, DEBUG_STRIPPED
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a1e0000.5.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a220000.1.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.raw.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a220000.1.raw.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 10.2.BitLockerToGo.exe.25c0000.0.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a200000.2.raw.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a200000.2.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a1e0000.5.raw.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 00000000.00000002.2631135826.000000000A200000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Msfpayloads_msf_9 date = 2017-02-09, hash1 = e408678042642a5d341e8042f476ee7cef253871ef1c9e289acf0ee9591d1e81, author = Florian Roth, description = Metasploit Payloads - file msf.war - contents, reference = Internal Research
            Source: 00000000.00000002.2631135826.000000000A240000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: 00000000.00000002.2631135826.000000000A1E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
            Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@74/269@26/24
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025CF029 CreateToolhelp32Snapshot,Process32First,Process32Next,10_2_025CF029
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\CTJHDTI8.htmJump to behavior
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7788:120:WilError_03
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Temp\7e7c3586-add8-4696-a616-45b012eae9cb.tmpJump to behavior
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile read: C:\$Recycle.Bin\S-1-5-21-2246122658-3693405117-2476756634-1003\desktop.iniJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
            Source: chrome.exe, 0000000B.00000002.2821415201.000018A000701000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE psl_extensions (domain VARCHAR NOT NULL, UNIQUE (domain));
            Source: 79h47yuk6.10.dr, xtjwtj5fu.10.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeVirustotal: Detection: 33%
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeReversingLabs: Detection: 40%
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeString found in binary or memory: net/addrselect.go
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeString found in binary or memory: github.com/saferwall/pe@v1.5.6/loadconfig.go
            Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe"
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeProcess created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 --field-trial-handle=2284,i,263747459218094094,16877234520171628402,262144 /prefetch:8
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
            Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=2420,i,3598628697674751921,18106886729672372177,262144 /prefetch:3
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:3
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7220 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7300 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\y5fct" & exit
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7404 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeProcess created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=2420,i,3598628697674751921,18106886729672372177,262144 /prefetch:3Jump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 --field-trial-handle=2284,i,263747459218094094,16877234520171628402,262144 /prefetch:8Jump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=2420,i,3598628697674751921,18106886729672372177,262144 /prefetch:3Jump to behavior
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2224 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:3
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5988 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7220 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7300 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7404 --field-trial-handle=1964,i,8903665598522054129,5147656186677210815,262144 /prefetch:8
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeSection loaded: winmm.dllJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeSection loaded: powrprof.dllJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeSection loaded: umpdc.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: wininet.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: dbghelp.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: sspicli.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: iertutil.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: windows.storage.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: wldp.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: profapi.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: kernel.appcore.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: winhttp.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: mswsock.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: iphlpapi.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: winnsi.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: urlmon.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: srvcli.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: netutils.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: dnsapi.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: rasadhlp.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: fwpuclnt.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: schannel.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: mskeyprotect.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ntasn1.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: msasn1.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: dpapi.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: cryptsp.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: rsaenh.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: cryptbase.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: gpapi.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ncrypt.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ncryptsslp.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ntmarta.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: uxtheme.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: windowscodecs.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: propsys.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: apphelp.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ntshrui.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: cscapi.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: windows.staterepositoryps.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: linkinfo.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: edputil.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: wintypes.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: appresolver.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: bcp47langs.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: slc.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: userenv.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: sppc.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: onecorecommonproxystub.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: pcacli.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: mpr.dllJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: sfc_os.dllJump to behavior
            Source: C:\Windows\SysWOW64\timeout.exeSection loaded: version.dll
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic file information: File size 5340672 > 1048576
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x271c00
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: Raw size of .rdata is bigger than: 0x100000 < 0x24e000
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
            Source: Binary string: A{"id":1,"method":"Storage.getCookies"}|.tgz.gzSecurityHistoryWork Dir: In memorySOFTWARE\Microsoft\Cryptographyfirefox%08lX%04lX%lu_key.txtSoft\Steam\steam_tokens.txt\Discord\tokens.txtpasswords.txtinformation.txtlocalhostWebSocketClient" & exitGdipGetImageHeightSoftGdipGetImagePixelFormatN0ZWFt\Monero\wallet.keysAzure\.awsstatusWallets_CreateProcessGdipGetImageEncodershttpsSoftware\Martin Prikryl\WinSCP 2\SessionsPlugins/devtoolsprefs.jsLocal Extension SettingsSync Extension SettingsFilescookiesCookies\BraveWallet\Preferenceskey_datas%s\%s\%sPortNumberCurrentBuildNumberGdiplusStartup.zipGdipCreateHBITMAPFromBitmapOpera Crypto.zooUnknownGdiplusShutdown/json_logins.jsoninvalid string positionSoftware\Martin Prikryl\WinSCP 2\ConfigurationDisplayVersionSOFTWARE\Microsoft\Windows NT\CurrentVersionopentokenamcommunity.comTelegramSoftware\Valve\SteamGdipSaveImageToStreamGdipLoadImageFromStream\AppData\Roaming\FileZilla\recentservers.xml.dllSOFTWARE\Microsoft\Windows\CurrentVersion\Uninstallapprove_aprilNetworkblock.arjprofiles.ini.lzhGdipGetImageWidthwallet_pathSteamPathscreenshot.jpgstring too longvector<T> too longProcessorNameStringloginusers.vdflibraryfolders.vdfconfig.vdfDialogConfig.vdfDialogConfigOverlay*.vdfGdipGetImageEncodersSizesteam.exeC:\Windows\system32\cmd.exeC:\Windows\system32\rundll32.exeBravetrueformhistory.sqlitecookies.sqliteplaces.sqliteLocal StatefalseAzure\.azureSOFTWARE\monero-project\monero-corechromefile_nameDisplayNameHostNameProductNameUserNameGdipSaveImageToFilemsal.cacheGdipDisposeImagemodeAzure\.IdentityServiceUseMasterPasswordhwidMachineGuidtask_idbuild_idCrash DetectedDisabled%dx%d%d/%d/%d %d:%d:%d.arcvdr1.pdb\Local Storage\leveldb_0.indexeddb.leveldb_formhistory.db_history.db_cookies.db_passwords.db_webdata.db_key4.db\key4.dbfile_dataLogin DataWeb DataoperaOperachrome-extension_[Processes][Software]\storage\default\\.aws\errors\\Telegram Desktop\\Steam\\config\\.azure\ Stable\\.IdentityService\\discord\/c timeout /t 10 & rd /s /q "C:\ProgramData\" & rd /s /q "C:\ProgramData\\..\.ZDISPLAYOpera GXEXCEPTION_INT_OVERFLOWEXCEPTION_FLT_OVERFLOWEXCEPTION_STACK_OVERFLOWEXCEPTION_FLT_UNDERFLOWPOSTEXCEPTION_BREAKPOINT\Local Storage\leveldb\CURRENTEXCEPTION_DATATYPE_MISALIGNMENTEXCEPTION_FLT_INEXACT_RESULTGETEXCEPTION_IN_PAGE_ERRORdQw4w9WgXcQEXCEPTION_SINGLE_STEPGdipCreateBitmapFromHBITMAPEXCEPTION_INT_DIVIDE_BY_ZEROEXCEPTION_FLT_DIVIDE_BY_ZEROEXCEPTION_NONCONTINUABLE_EXCEPTIONUNKNOWN EXCEPTIONEXCEPTION_INVALID_DISPOSITIONEXCEPTION_PRIV_INSTRUCTIONEXCEPTION_ILLEGAL_INSTRUCTIONEXCEPTION_FLT_INVALID_OPERATIONEXCEPTION_ACCESS_VIOLATIONEXCEPTION_FLT_STACK_CHECKEXCEPTION_FLT_DENORMAL_OPERANDEXCEPTION_ARRAY_BOUNDS_EXCEEDED%d MBIndexedDBOCALAPPDATA?<Host><Port><User><Pass encoding="base64">http://localhost:"webSocketDebuggerUrl":6^userContextId=4294967295465 79 41 69 64 48 6C 77 49 6A 6F 67 49 6B 70 58 56 43 49 73ws://localhost:9223.metadata-v2comctl32gdi32:225121Windows 11HTTP/1.1HARDWARE\DESCRIPTION\System\CentralProcessor\0abcdefgh
            Source: Binary string: C:\Users\Administrator\Desktop\vdr1\Release\vdr1.pdbA source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626999129.000000000A06A000.00000004.00001000.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3121566188.00000000025D9000.00000002.00000400.00020000.00000000.sdmp
            Source: Binary string: vdr1.pdb source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626999129.000000000A06A000.00000004.00001000.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3121566188.00000000025D9000.00000002.00000400.00020000.00000000.sdmp
            Source: Binary string: BitLockerToGo.pdb source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A2DC000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: BitLockerToGo.pdbGCTL source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A2DC000.00000004.00001000.00020000.00000000.sdmp
            Source: Binary string: C:\Users\Administrator\Desktop\vdr1\Release\vdr1.pdb source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626999129.000000000A06A000.00000004.00001000.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3121566188.00000000025D9000.00000002.00000400.00020000.00000000.sdmp
            Source: Binary string: {"id":1,"method":"Storage.getCookies"}|.tgz.gzSecurityHistoryWork Dir: In memorySOFTWARE\Microsoft\Cryptographyfirefox%08lX%04lX%lu_key.txtSoft\Steam\steam_tokens.txt\Discord\tokens.txtpasswords.txtinformation.txtlocalhostWebSocketClient" & exitGdipGetImageHeightSoftGdipGetImagePixelFormatN0ZWFt\Monero\wallet.keysAzure\.awsstatusWallets_CreateProcessGdipGetImageEncodershttpsSoftware\Martin Prikryl\WinSCP 2\SessionsPlugins/devtoolsprefs.jsLocal Extension SettingsSync Extension SettingsFilescookiesCookies\BraveWallet\Preferenceskey_datas%s\%s\%sPortNumberCurrentBuildNumberGdiplusStartup.zipGdipCreateHBITMAPFromBitmapOpera Crypto.zooUnknownGdiplusShutdown/json_logins.jsoninvalid string positionSoftware\Martin Prikryl\WinSCP 2\ConfigurationDisplayVersionSOFTWARE\Microsoft\Windows NT\CurrentVersionopentokenamcommunity.comTelegramSoftware\Valve\SteamGdipSaveImageToStreamGdipLoadImageFromStream\AppData\Roaming\FileZilla\recentservers.xml.dllSOFTWARE\Microsoft\Windows\CurrentVersion\Uninstallapprove_aprilNetworkblock.arjprofiles.ini.lzhGdipGetImageWidthwallet_pathSteamPathscreenshot.jpgstring too longvector<T> too longProcessorNameStringloginusers.vdflibraryfolders.vdfconfig.vdfDialogConfig.vdfDialogConfigOverlay*.vdfGdipGetImageEncodersSizesteam.exeC:\Windows\system32\cmd.exeC:\Windows\system32\rundll32.exeBravetrueformhistory.sqlitecookies.sqliteplaces.sqliteLocal StatefalseAzure\.azureSOFTWARE\monero-project\monero-corechromefile_nameDisplayNameHostNameProductNameUserNameGdipSaveImageToFilemsal.cacheGdipDisposeImagemodeAzure\.IdentityServiceUseMasterPasswordhwidMachineGuidtask_idbuild_idCrash DetectedDisabled%dx%d%d/%d/%d %d:%d:%d.arcvdr1.pdb\Local Storage\leveldb_0.indexeddb.leveldb_formhistory.db_history.db_cookies.db_passwords.db_webdata.db_key4.db\key4.dbfile_dataLogin DataWeb DataoperaOperachrome-extension_[Processes][Software]\storage\default\\.aws\errors\\Telegram Desktop\\Steam\\config\\.azure\ Stable\\.IdentityService\\discord\/c timeout /t 10 & rd /s /q "C:\ProgramData\" & rd /s /q "C:\ProgramData\\..\.ZDISPLAYOpera GXEXCEPTION_INT_OVERFLOWEXCEPTION_FLT_OVERFLOWEXCEPTION_STACK_OVERFLOWEXCEPTION_FLT_UNDERFLOWPOSTEXCEPTION_BREAKPOINT\Local Storage\leveldb\CURRENTEXCEPTION_DATATYPE_MISALIGNMENTEXCEPTION_FLT_INEXACT_RESULTGETEXCEPTION_IN_PAGE_ERRORdQw4w9WgXcQEXCEPTION_SINGLE_STEPGdipCreateBitmapFromHBITMAPEXCEPTION_INT_DIVIDE_BY_ZEROEXCEPTION_FLT_DIVIDE_BY_ZEROEXCEPTION_NONCONTINUABLE_EXCEPTIONUNKNOWN EXCEPTIONEXCEPTION_INVALID_DISPOSITIONEXCEPTION_PRIV_INSTRUCTIONEXCEPTION_ILLEGAL_INSTRUCTIONEXCEPTION_FLT_INVALID_OPERATIONEXCEPTION_ACCESS_VIOLATIONEXCEPTION_FLT_STACK_CHECKEXCEPTION_FLT_DENORMAL_OPERANDEXCEPTION_ARRAY_BOUNDS_EXCEEDED%d MBIndexedDBOCALAPPDATA?<Host><Port><User><Pass encoding="base64">http://localhost:"webSocketDebuggerUrl":6^userContextId=4294967295465 79 41 69 64 48 6C 77 49 6A 6F 67 49 6B 70 58 56 43 49 73ws://localhost:9223.metadata-v2comctl32gdi32:225121Windows 11HTTP/1.1HARDWARE\DESCRIPTION\System\CentralProcessor\0abcdefghi
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeStatic PE information: section name: .symtab

            Boot Survival

            barindex
            Monitors registry run keys for changes
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry key monitored: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\SysWOW64\timeout.exe TID: 7792Thread sleep count: 89 > 30
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D2A5D FindFirstFileA,10_2_025D2A5D
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025CA69C FindFirstFileA,CopyFileA,DeleteFileA,FindNextFileA,10_2_025CA69C
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C7891 FindFirstFileA,CopyFileA,CopyFileA,FindNextFileA,10_2_025C7891
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C8776 FindFirstFileA,FindNextFileA,10_2_025C8776
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D3B10 FindFirstFileA,FindNextFileA,10_2_025D3B10
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C13DA FindFirstFileA,10_2_025C13DA
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D1BD2 FindFirstFileA,10_2_025D1BD2
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025C6784 FindFirstFileA,CopyFileA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,10_2_025C6784
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D1187 FindFirstFileA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileA,10_2_025D1187
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D1722 GetLogicalDriveStringsA,GetDriveTypeA,10_2_025D1722
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025CDF8C GetSystemInfo,10_2_025CDF8C
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
            Source: r90rq1.10.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696487552
            Source: chrome.exe, 0000000B.00000002.2823504802.000018A000B38000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware
            Source: r90rq1.10.drBinary or memory string: secure.bankofamerica.comVMware20,11696487552|UE
            Source: r90rq1.10.drBinary or memory string: account.microsoft.com/profileVMware20,11696487552u
            Source: chrome.exe, 0000000B.00000002.2826724196.000018A00103C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware Virtual USB Mouse
            Source: r90rq1.10.drBinary or memory string: discord.comVMware20,11696487552f
            Source: r90rq1.10.drBinary or memory string: bankofamerica.comVMware20,11696487552x
            Source: r90rq1.10.drBinary or memory string: www.interactivebrokers.comVMware20,11696487552}
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
            Source: r90rq1.10.drBinary or memory string: ms.portal.azure.comVMware20,11696487552
            Source: msedge.exe, 0000000F.00000003.2860911945.0000718402590000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware20,1(
            Source: chrome.exe, 0000000B.00000002.2812466593.000002C037AEB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllFFn
            Source: r90rq1.10.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552
            Source: r90rq1.10.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696487552
            Source: r90rq1.10.drBinary or memory string: global block list test formVMware20,11696487552
            Source: r90rq1.10.drBinary or memory string: tasks.office.comVMware20,11696487552o
            Source: r90rq1.10.drBinary or memory string: AMC password management pageVMware20,11696487552
            Source: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, 00000000.00000002.2626698910.00000000012BE000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 0000000F.00000002.2940856101.0000026DB0845000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
            Source: r90rq1.10.drBinary or memory string: interactivebrokers.co.inVMware20,11696487552d
            Source: r90rq1.10.drBinary or memory string: interactivebrokers.comVMware20,11696487552
            Source: r90rq1.10.drBinary or memory string: dev.azure.comVMware20,11696487552j
            Source: r90rq1.10.drBinary or memory string: Interactive Brokers - HKVMware20,11696487552]
            Source: r90rq1.10.drBinary or memory string: microsoft.visualstudio.comVMware20,11696487552x
            Source: chrome.exe, 0000000B.00000002.2824245116.000018A000BE4000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&2dda038&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=3e4ffa8a-623f-49c7-a72a-f404df17ee13
            Source: r90rq1.10.drBinary or memory string: netportal.hdfcbank.comVMware20,11696487552
            Source: r90rq1.10.drBinary or memory string: trackpan.utiitsl.comVMware20,11696487552h
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.0000000002898000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW(;
            Source: r90rq1.10.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696487552z
            Source: r90rq1.10.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696487552~
            Source: r90rq1.10.drBinary or memory string: outlook.office365.comVMware20,11696487552t
            Source: r90rq1.10.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552^
            Source: r90rq1.10.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696487552p
            Source: r90rq1.10.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696487552n
            Source: r90rq1.10.drBinary or memory string: outlook.office.comVMware20,11696487552s
            Source: r90rq1.10.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696487552
            Source: r90rq1.10.drBinary or memory string: turbotax.intuit.comVMware20,11696487552t
            Source: r90rq1.10.drBinary or memory string: Canara Transaction PasswordVMware20,11696487552x
            Source: cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres.16.drBinary or memory string: {"TBDataStoreObject":{"Header":{"ObjectType":"TokenResponse","SchemaVersionMajor":2,"SchemaVersionMinor":1},"ObjectData":{"SystemDefinedProperties":{"RequestIndex":{"Type":"InlineBytes","IsProtected":false,"Value":"z3UTqTb37/uzhiflb40fzhDrEsw="},"Expiration":{"Type":"InlineBytes","IsProtected":false,"Value":"4dE5R+p92wE="},"Status":{"Type":"InlineBytes","IsProtected":false,"Value":"AwAAAA=="},"ResponseBytes":{"Type":"InlineBytes","IsProtected":true,"Value":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAIcbeO/oGUkmqCKuMR5/4CAAAAAACAAAAAAAQZgAAAAEAACAAAABx9jQ9HsBqBIMHAqGTn+oKylRFJBWcBFgH5pE1QpbDaAAAAAAOgAAAAAIAACAAAABMe+6G09KmG6Gonls63SHBA7ewCHSSwm0L08h6bYYI4hAEAABeA/mQTWao16cE1H9VCGxHGhvB5uhH1yYjm38MAbYV2FbpoTmwuO15/4Gceyz9RfXT7azlhRAtZgrsD4bW1UYEvZ+XM2mcwYqdqmxKrivV2YE6QiaI1k91xUOS59Kp51KOfF6oNdMXdythp0pMYuj2zlZbqQIe0o9tuFJxR8ooPZlhXApO1xS5vxjrmQ69Ev3RdV2/qxtEFe29im7QCsdQ/f9HZOhG0IRUhGaQEmUDPE8XwnrrE7L6+njuq56QDBm/Q00qo4zS6LBpQ5Sn5+kd4oPm4jmL/4mXdmxQ3JXhKIBe5XgopMWgnWbyaQqo2Vlk8cTbwVRypFO3mZrc0SgSr+Z3dCIXAzu7VJf3c6qVc6Q2GX+RUK1vx4Xd9/ve0ef71IMouGI9Wat39swq2xf0V2arzTg2QLYq6wcQweS8mXfs0SAZfc7IPuDCACWxUwAmIo5OSPfTM+veMv/1Fc1eMeD8H/Zv8zdLIlg5fypHtk9NFC81zXnEil/ZXZL7BRyPPix1AGW7OEC3+Dq8sR6FCEqrQE65ZzNinoOuC1vuVJ1v9UGeP7kCWFEnKqWd8ChuTeLmwWDQEwxR4VIa9ANDa1n0f/9wqcxkPONZx7y9KB1J6CYd8KGfFWioLrSbUrn1m2rpWvKvJPm+W74NYlGBAcHJdvxqmDLmlxSy8gWjyIGgs1fKZerOomYWlPdc3r3CG2Aqn7O2d3J9NF3sD8PNhx36LVsCQjldjMzeQOF6UHS5skpuCwKxItrH5XNwj0sOmTAfDoM0UXa5Hn6KTWxAy0SM2LBFWuQ1Qp2VmyNBovrNKkGec8dC5ThkSyTFli+XXJ5X3ZPzk8II9dI6a8C8nvky5BH+21RfnJagEJcLiUpsbosh8QBNiixa/J7g/72/VHw4N9syqcJuqS439qBmJ6w7LLlVe7cYHgfW2ZsQUMQDWOA3QlTCiyvtD7hTJ2/RJN166ET/0tRW0bq/l4wNABSHuLep/hU8ZLtwz/hmZHr0hy4/p2gLxWDaBRPN7Zz2GOeOFftCTfzUVFznYl9sw4v002PuZhVzapcTysGbzb0f7RTdkAs6YiTzp361zIFQJGc4NxdqsoP7f4laKv6iFpduw/yDYvZWo0hJch9zWiJOt9x+9wueWj34NmX+eOr4mjBHs/nax263dcnjxvULR2vwhAcFUDQTqe+JRMGXomVT2tHuHI9E/cBK+XBkUSHTCtKEf0cT1gBRKZnDi/qh67sKwfCZkhNUJ8bWLnDda11P5WTFgfHtaGBWybKG0I7VHdkf0KJd94gEymCpt+JU6ZlJVi9rHBvGPERrS9wvjH6hw6Nmh35ogPjkwq8TiRJ0pQG+DeAQ9UUt9gBr8fP7Y+Rfq77exn6ZqYk202OpoUAAAAAzUjl27LN2fudzY4RbGcwVJ0p6ik8hacxJ9fXjEAX/75t0zeE599vnSEK4sH4RxYKcHmyTOX9yZ5x3JZpavj/b"},"ProviderPfn":{"Type":"InlineString","IsProtected":false,"Value":"Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy"}},"ProviderDefinedProperties":[],"PerApplicationProperties":{}}}}
            Source: r90rq1.10.drBinary or memory string: Canara Transaction PasswordVMware20,11696487552}
            Source: r90rq1.10.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696487552
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information queried: ProcessInformationJump to behavior

            HIPS / PFW / Operating System Protection Evasion

            barindex
            Allocates memory in foreign processes
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory allocated: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25C0000 protect: page execute and read and writeJump to behavior
            Injects a PE file into a foreign processes
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25C0000 value starts with: 4D5AJump to behavior
            Maps a DLL or memory area into another process
            Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeSection loaded: NULL target: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe protection: readonly
            Writes to foreign memory regions
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 266D008Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25C0000Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25C1000Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25D9000Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25DD000Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25DF000Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25E0000Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 25E1000Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeProcess created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1472 --field-trial-handle=2420,i,3598628697674751921,18106886729672372177,262144 /prefetch:3Jump to behavior
            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: GetLocaleInfoA,10_2_025CDE1C
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformationJump to behavior
            Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformationJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformationJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformationJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025D4CDB GetComputerNameW,GetUserNameW,GetFileType,10_2_025D4CDB
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 10_2_025CDDBF GetTimeZoneInformation,10_2_025CDDBF
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

            Stealing of Sensitive Information

            barindex
            Yara detected Vidar stealer
            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a220000.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 10.2.BitLockerToGo.exe.25c0000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a200000.2.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a1e0000.5.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A200000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000A.00000003.2692632286.000000000290F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A240000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A1E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe PID: 3268, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: BitLockerToGo.exe PID: 2132, type: MEMORYSTR
            Found many strings related to Crypto-Wallets (likely being stolen)
            Source: BitLockerToGo.exe, 0000000A.00000002.3125696515.0000000005619000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*bitflyer*.*,*kucoin*.*,*huobi*.*,*poloniex*.*,*kraken*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \ElectronCash\wallets\
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: exodus.conf.json
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: info.seco
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ElectrumLTC
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: passphrase.json
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
            Source: BitLockerToGo.exe, 0000000A.00000002.3125696515.0000000005619000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*bitflyer*.*,*kucoin*.*,*huobi*.*,*poloniex*.*,*kraken*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*
            Source: BitLockerToGo.exe, 0000000A.00000002.3125696515.0000000005619000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*bitflyer*.*,*kucoin*.*,*huobi*.*,*poloniex*.*,*kraken*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Coinomi\Coinomi\wallets\
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: multidoge.wallet
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: seed.seco
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: keystore
            Source: BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum-LTC\wallets\
            Tries to harvest and steal Bitcoin Wallet information
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
            Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\ConfigurationJump to behavior
            Tries to harvest and steal browser information (history, passwords, etc)
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\archived\2023-10\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\crashes\events\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.jsJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\glean\events\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\glean\pending_pings\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\saved-telemetry-pings\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqliteJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqliteJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\glean\db\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\security_state\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\bookmarkbackups\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\idb\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0absryc3.default\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\to-be-removed\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionstore-backups\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\minidumps\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\archived\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\glean\tmp\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\crashes\key4.dbJump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\datareporting\glean\key4.dbJump to behavior
            Tries to harvest and steal ftp login credentials
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
            Tries to steal Crypto Currency Wallets
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
            Source: Yara matchFile source: 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: BitLockerToGo.exe PID: 2132, type: MEMORYSTR

            Remote Access Functionality

            barindex
            Attempt to bypass Chrome Application-Bound Encryption
            Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
            Yara detected Vidar stealer
            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a240000.3.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a220000.1.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 10.2.BitLockerToGo.exe.25c0000.0.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a200000.2.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 0.2.SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe.a1e0000.5.raw.unpack, type: UNPACKEDPE
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A220000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A200000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A316000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000A.00000003.2692632286.000000000290F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A240000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 00000000.00000002.2631135826.000000000A1E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe PID: 3268, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: BitLockerToGo.exe PID: 2132, type: MEMORYSTR

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
            Command and Scripting Interpreter            		1
            Create Account            		411
            Process Injection            		1
            Masquerading            		2
            OS Credential Dumping            		1
            System Time Discovery            		Remote Services1
            Archive Collected Data            		21
            Encrypted Channel            		Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/Job1
            DLL Side-Loading            		1
            DLL Side-Loading            		1
            Virtualization/Sandbox Evasion            		1
            Credentials in Registry            		1
            Query Registry            		Remote Desktop Protocol4
            Data from Local System            		1
            Remote Access Software            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
            Extra Window Memory Injection            		411
            Process Injection            		Security Account Manager1
            Security Software Discovery            		SMB/Windows Admin SharesData from Network Shared Drive2
            Ingress Tool Transfer            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
            DLL Side-Loading            		NTDS1
            Virtualization/Sandbox Evasion            		Distributed Component Object ModelInput Capture3
            Non-Application Layer Protocol            		Traffic DuplicationData Destruction
            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
            Extra Window Memory Injection            		LSA Secrets2
            Process Discovery            		SSHKeylogging14
            Application Layer Protocol            		Scheduled TransferData Encrypted for Impact
            Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain Credentials1
            Account Discovery            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync1
            System Owner/User Discovery            		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem4
            File and Directory Discovery            		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
            Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAtHTML Smuggling/etc/passwd and /etc/shadow34
            System Information Discovery            		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1614047 Sample: SecuriteInfo.com.Win32.Troj... Startdate: 13/02/2025 Architecture: WINDOWS Score: 100 43 sailiabot.com 2->43 45 t.me 2->45 47 2 other IPs or domains 2->47 71 Suricata IDS alerts for network traffic 2->71 73 Found malware configuration 2->73 75 Malicious sample detected (through community Yara rule) 2->75 77 5 other signatures 2->77 9 SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe 2->9         started        12 msedge.exe 624 2->12         started        signatures3 process4 signatures5 79 Writes to foreign memory regions 9->79 81 Allocates memory in foreign processes 9->81 83 Injects a PE file into a foreign processes 9->83 14 BitLockerToGo.exe 29 9->14         started        85 Maps a DLL or memory area into another process 12->85 18 msedge.exe 12->18         started        20 identity_helper.exe 12->20         started        22 identity_helper.exe 12->22         started        24 3 other processes 12->24 process6 dnsIp7 59 sailiabot.com 88.99.124.230, 443, 50002, 50003 HETZNER-ASDE Germany 14->59 61 t.me 149.154.167.99, 443, 50000 TELEGRAMRU United Kingdom 14->61 63 127.0.0.1 unknown unknown 14->63 89 Attempt to bypass Chrome Application-Bound Encryption 14->89 91 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 14->91 93 Found many strings related to Crypto-Wallets (likely being stolen) 14->93 95 4 other signatures 14->95 26 msedge.exe 2 10 14->26         started        29 chrome.exe 14->29         started        32 cmd.exe 14->32         started        65 18.173.219.111, 443, 50109, 50117 MIT-GATEWAYSUS United States 18->65 67 c-msn-pme.trafficmanager.net 13.74.129.1, 443, 50064 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 18->67 69 28 other IPs or domains 18->69 signatures8 process9 dnsIp10 87 Monitors registry run keys for changes 26->87 34 msedge.exe 26->34         started        55 192.168.2.6, 443, 49247, 49366 unknown unknown 29->55 57 239.255.255.250 unknown Reserved 29->57 36 chrome.exe 29->36         started        39 conhost.exe 32->39         started        41 timeout.exe 32->41         started        signatures11 process12 dnsIp13 49 play.google.com 142.250.184.206, 443, 50032, 50040 GOOGLEUS United States 36->49 51 www.google.com 142.250.186.132, 443, 50012, 50016 GOOGLEUS United States 36->51 53 2 other IPs or domains 36->53

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe33%VirustotalBrowse
            SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe41%ReversingLabsWin32.Spyware.Vidar
            SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe100%AviraTR/Crypt.XPACK.Gen

            Dropped Files

            No Antivirus matches

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            https://sailiabot.com/_b0%Avira URL Cloudsafe
            https://sailiabot.com/(b20%Avira URL Cloudsafe
            http://anglebug.com/7488&0%Avira URL Cloudsafe
            http://unisolated.invalid/Q0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            chrome.cloudflare-dns.com
            		162.159.61.3
            		truefalse
              		high
              plus.l.google.com
              		172.217.16.206
              		truefalse
                		high
                a416.dscd.akamai.net
                		2.22.242.11
                		truefalse
                  		high
                  t.me
                  		149.154.167.99
                  		truefalse
                    		high
                    a-0003.a-msedge.net
                    		204.79.197.203
                    		truefalse
                      		high
                      c-msn-pme.trafficmanager.net
                      		13.74.129.1
                      		truefalse
                        		high
                        s-part-0017.t-0009.fb-t-msedge.net
                        		13.107.253.45
                        		truefalse
                          		high
                          ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                          		94.245.104.56
                          		truefalse
                            		high
                            sailiabot.com
                            		88.99.124.230
                            		truetrue
                              		unknown
                              ax-0001.ax-msedge.net
                              		150.171.28.10
                              		truefalse
                                		high
                                fg.microsoft.map.fastly.net
                                		199.232.210.172
                                		truefalse
                                  		high
                                  play.google.com
                                  		142.250.184.206
                                  		truefalse
                                    		high
                                    sb.scorecardresearch.com
                                    		18.244.18.27
                                    		truefalse
                                      		high
                                      www.google.com
                                      		142.250.186.132
                                      		truefalse
                                        		high
                                        e28578.d.akamaiedge.net
                                        		92.123.12.8
                                        		truefalse
                                          		high
                                          bzib.nelreports.net
                                          		unknown
                                          		unknownfalse
                                            		high
                                            assets.msn.com
                                            		unknown
                                            		unknownfalse
                                              		high
                                              c.msn.com
                                              		unknown
                                              		unknownfalse
                                                		high
                                                ntp.msn.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  apis.google.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    api.msn.com
                                                    		unknown
                                                    		unknownfalse
                                                      		high

                                                      Contacted URLs

                                                      NameMaliciousAntivirus DetectionReputation
                                                      https://assets.msn.com/bundles/v1/edgeChromium/latest/vendors.f30eb488fb3069c7561f.jsfalse
                                                        		high
                                                        https://clients2.googleusercontent.com/crx/blobs/ASuc5ohfQPNzGo5SSihcSk6msC8CUKw5id-p0KCEkBKwK2LS4AjdrDP0wa1qjzCTaTWEfyM52ADmUAdPETYA5vgD87UPEj6gyG11hjsvMLHGmzQgJ9F5D8s8Lo0Lbai5BQYAxlKa5esPJXukyaicyq83JwZ0HIWqzrjN/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_86_1_0.crxfalse
                                                          		high
                                                          https://tse1.mm.bing.net/th?id=OADD2.10239413729839_1JINKBNNYOPNVJTU3&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90false
                                                            		high
                                                            https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531false
                                                              		high
                                                              https://ntp.msn.com/edge/ntp?locale=en-GB&title=New+tab&enableForceCache=truefalse
                                                                		high
                                                                https://assets.msn.com/bundles/v1/edgeChromium/latest/microsoft.5da1d823f3d7131a6bff.jsfalse
                                                                  		high
                                                                  https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=truefalse
                                                                    		high
                                                                    https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1739432196242&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://duckduckgo.com/chrome_newtabBitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822473895.000018A000870000.00000004.00000800.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drfalse
                                                                        		high
                                                                        https://mail.google.com/mail/?usp=installed_webappchrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://duckduckgo.com/ac/?q=BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drfalse
                                                                            		high
                                                                            https://safebrowsing.google.com/safebrowsing/clientreport/chrome-sct-auditingchrome.exe, 0000000B.00000002.2817491533.000018A00008C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://permanently-removed.invalid/oauth2/v2/tokeninfomsedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://clients3.google.com/cast/chromecast/home/wallpaper/image?rt=bchrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://docs.google.com/document/Jchrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://myaccount.google.com/find-your-phone?utm_source=ga-chrome-actions&utm_medium=findYourPhonechrome.exe, 0000000B.00000003.2741075067.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743814809.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824577418.000018A000C68000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739496364.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822779063.000018A000938000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820131458.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A00048C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://anglebug.com/4633chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://anglebug.com/7382chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://issuetracker.google.com/284462263chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://keep.google.com/u/0/?usp=chrome_actions#NEWNOTEklychrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://publickeyservice.gcp.privacysandboxservices.comchrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                http://polymer.github.io/AUTHORS.txtchrome.exe, 0000000B.00000003.2744778434.000018A0010C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744623446.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746495850.000018A000FBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746407930.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744736696.000018A001070000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744809170.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746463528.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746431337.000018A000F18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A000390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2745639471.000018A00108C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://docs.google.com/manifest.json0.16.drfalse
                                                                                                    		high
                                                                                                    https://docs.google.com/document/:chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://publickeyservice.pa.aws.privacysandboxservices.comchrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://photos.google.com/settings?referrer=CHROME_NTPchrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A0003AB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://anglebug.com/7714chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://unisolated.invalid/chrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://photos.google.com?referrer=CHROME_NTPchrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://www.google.com/chrome/tips/chrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2825440888.000018A000D74000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822182680.000018A0007E8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822820522.000018A00096C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://drive.google.com/?lfhs=2chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://anglebug.com/6248chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://ogs.google.com/widget/callout?eom=1chrome.exe, 0000000B.00000003.2763615863.000018A00135C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2763288729.000018A001394000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2762024536.000018A0013E4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://outlook.office.com/mail/compose?isExtension=true3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drfalse
                                                                                                                          		high
                                                                                                                          http://anglebug.com/6929chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            http://anglebug.com/5281chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://www.youtube.com/?feature=ytcachrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://anglebug.com/7488&chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                		unknown
                                                                                                                                https://issuetracker.google.com/255411748chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://docs.google.com/document/u/0/create?usp=chrome_actionschrome.exe, 0000000B.00000002.2822123862.000018A0007D8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2826151589.000018A000EA8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822309846.000018A00080C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820318207.000018A0004E4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://permanently-removed.invalid/oauth2/v4/tokenmsedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://anglebug.com/7246chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://anglebug.com/7369chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://anglebug.com/7489chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://duckduckgo.com/?q=chrome.exe, 0000000B.00000002.2824628657.000018A000C74000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://chrome.google.com/webstorechrome.exe, 0000000B.00000003.2734527511.000018A0004BC000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000002.2947987304.0000718402394000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://cdnjs.cloudflare.com/ajax/libs/mathjax/offscreendocument_main.js.16.dr, service_worker_bin_prod.js.16.drfalse
                                                                                                                                                  		high
                                                                                                                                                  https://drive-daily-2.corp.google.com/manifest.json0.16.drfalse
                                                                                                                                                    		high
                                                                                                                                                    https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiBitLockerToGo.exe, 0000000A.00000002.3123315183.00000000050D0000.00000004.00000020.00020000.00000000.sdmp, kfcjwb.10.drfalse
                                                                                                                                                      		high
                                                                                                                                                      http://polymer.github.io/PATENTS.txtchrome.exe, 0000000B.00000003.2744778434.000018A0010C0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744623446.000018A000F24000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746495850.000018A000FBC000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746407930.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746728626.000018A000FB0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A000444000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744736696.000018A001070000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2747006228.000018A00120C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2744809170.000018A000F50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746463528.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746431337.000018A000F18000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2819811003.000018A000390000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746896465.000018A00116C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2745639471.000018A00108C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://t.me/b4cha00oomaino5Mozilla/5.0BitLockerToGo.exe, 0000000A.00000002.3121610773.00000000025DD000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://cdn.ecosia.org/assets/images/ico/favicon.icochrome.exe, 0000000B.00000002.2824530857.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741305497.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746648147.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766074819.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2760486164.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2800046500.000018A000C50000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://sailiabot.com/_bBitLockerToGo.exe, 0000000A.00000003.2650464616.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000002.3124065979.0000000005441000.00000004.00000020.00020000.00000000.sdmp, Web Data.16.dr, r90rq1.10.dr, 6xt0ri.10.drfalse
                                                                                                                                                              		high
                                                                                                                                                              https://t.me/b4cha00kBitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028D8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://issuetracker.google.com/161903006chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://www.ecosia.org/newtab/BitLockerToGo.exe, 0000000A.00000002.3123315183.00000000051A3000.00000004.00000020.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821111330.000018A000620000.00000004.00000800.00020000.00000000.sdmp, 6xt0ri.10.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://drive-daily-1.corp.google.com/manifest.json0.16.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://excel.new?from=EdgeM365Shoreline3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://drive-daily-5.corp.google.com/manifest.json0.16.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://duckduckgo.com/favicon.icochrome.exe, 0000000B.00000002.2822473895.000018A000870000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://docs.google.com/spreadsheets/u/0/create?usp=chrome_actionschrome.exe, 0000000B.00000002.2826696592.000018A00100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820436132.000018A000518000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://myaccount.google.com/data-and-privacy?utm_source=ga-chrome-actions&utm_medium=managePrivacychrome.exe, 0000000B.00000003.2741075067.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2743814809.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739496364.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2822779063.000018A000938000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820131458.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746777632.000018A00048C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://plus.google.comchromecache_511.13.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://permanently-removed.invalid/chrome/blank.htmlmsedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    http://anglebug.com/3078chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      http://anglebug.com/7553chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        http://anglebug.com/5375chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://permanently-removed.invalid/v1/issuetokenmsedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://anglebug.com/5371chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              http://anglebug.com/4722chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://m.google.com/devicemanagement/data/apichrome.exe, 0000000B.00000002.2819157181.000018A00020C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://permanently-removed.invalid/reauth/v1beta/users/msedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://docs.google.com/presentation/u/0/create?usp=chrome_actionschrome.exe, 0000000B.00000002.2826696592.000018A00100C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820436132.000018A000518000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821839311.000018A000780000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://anglebug.com/7556chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://chromewebstore.google.com/chrome.exe, 0000000B.00000002.2816642761.000018A000028000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000002.2947987304.0000718402394000.00000004.00000800.00020000.00000000.sdmp, manifest.json.16.drfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://drive-preprod.corp.google.com/manifest.json0.16.drfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://msn.comXIDv10Cookies.18.drfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://chrome.google.com/webstore/manifest.json.16.drfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://clients4.google.com/chrome-syncchrome.exe, 0000000B.00000002.2819055289.000018A0001C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://publickeyservice.pa.gcp.privacysandboxservices.comchrome.exe, 0000000B.00000003.2766509941.000018A00147C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://sailiabot.com/(b2BitLockerToGo.exe, 0000000A.00000002.3122069230.00000000028FC000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2692632286.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2663837938.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2650464616.000000000290F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2706022722.000000000290C000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000A.00000003.2679475609.000000000290F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    https://permanently-removed.invalid/RotateBoundCookiesmsedge.exe, 0000000F.00000003.2863854685.0000718402480000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000F.00000003.2864051570.0000718402484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      http://anglebug.com/6692chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://issuetracker.google.com/258207403chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          http://anglebug.com/3502chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            http://anglebug.com/3623chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824193149.000018A000BC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://www.office.com3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp.16.drfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                http://anglebug.com/3625chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824193149.000018A000BC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  http://anglebug.com/3624chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824193149.000018A000BC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://docs.google.com/presentation/Jchrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      http://anglebug.com/5007chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        https://drive.google.com/drive/installwebapp?usp=chrome_defaultchrome.exe, 0000000B.00000002.2819782938.000018A000380000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2820014565.000018A00043F000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2821415201.000018A0006FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          http://anglebug.com/3862chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://chrome.google.com/webstoreLDDiscoverchrome.exe, 0000000B.00000003.2742996041.000018A000CC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740497335.000018A000490000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739496364.000018A00048C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2742964496.000018A000F88000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2751669857.000018A000CC8000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741154299.000018A000CC0000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2742156571.000018A000490000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://www.ecosia.org/search?q=&addon=opensearchchrome.exe, 0000000B.00000002.2824530857.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2741305497.000018A000C54000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2746648147.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2766074819.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2760486164.000018A000C50000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2800046500.000018A000C50000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://www.google.com/async/newtab_b?hchrome.exe, 0000000B.00000002.2817405318.000018A000080000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  http://unisolated.invalid/Qchrome.exe, 0000000B.00000002.2822893075.000018A0009AC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                                                                  http://anglebug.com/4836chrome.exe, 0000000B.00000003.2740688810.000018A000B14000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2739591378.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 0000000B.00000002.2824752517.000018A000C98000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    https://issuetracker.google.com/issues/166475273chrome.exe, 0000000B.00000003.2740600950.000018A00036C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high

                                                                                                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                                                                                                      Public IPs

                                                                                                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                      2.22.242.11
                                                                                                                                                                                                                                                      		a416.dscd.akamai.netEuropean Union
                                                                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                      20.189.173.13
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                      18.244.18.27
                                                                                                                                                                                                                                                      		sb.scorecardresearch.comUnited States
                                                                                                                                                                                                                                                      		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                      149.154.167.99
                                                                                                                                                                                                                                                      		t.meUnited Kingdom
                                                                                                                                                                                                                                                      		62041TELEGRAMRUfalse
                                                                                                                                                                                                                                                      162.159.61.3
                                                                                                                                                                                                                                                      		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                      13.74.129.1
                                                                                                                                                                                                                                                      		c-msn-pme.trafficmanager.netUnited States
                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                      142.250.186.132
                                                                                                                                                                                                                                                      		www.google.comUnited States
                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                      20.110.205.119
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                      142.250.184.206
                                                                                                                                                                                                                                                      		play.google.comUnited States
                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                      92.123.12.8
                                                                                                                                                                                                                                                      		e28578.d.akamaiedge.netEuropean Union
                                                                                                                                                                                                                                                      		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                                                                      204.79.197.219
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                      172.64.41.3
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                      104.70.121.193
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                      172.217.16.206
                                                                                                                                                                                                                                                      		plus.l.google.comUnited States
                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                      18.173.219.111
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                                                      23.219.82.89
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                      150.171.27.10
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                      88.99.124.230
                                                                                                                                                                                                                                                      		sailiabot.comGermany
                                                                                                                                                                                                                                                      		24940HETZNER-ASDEtrue
                                                                                                                                                                                                                                                      239.255.255.250
                                                                                                                                                                                                                                                      		unknownReserved
                                                                                                                                                                                                                                                      		unknownunknownfalse
                                                                                                                                                                                                                                                      23.219.82.40
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                      204.79.197.203
                                                                                                                                                                                                                                                      		a-0003.a-msedge.netUnited States
                                                                                                                                                                                                                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                      142.250.176.193
                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                      Private

                                                                                                                                                                                                                                                      IP
                                                                                                                                                                                                                                                      192.168.2.6
                                                                                                                                                                                                                                                      127.0.0.1

                                                                                                                                                                                                                                                      General Information

                                                                                                                                                                                                                                                      Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                                                      Analysis ID:1614047
                                                                                                                                                                                                                                                      Start date and time:2025-02-13 08:34:19 +01:00
                                                                                                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                      Overall analysis duration:0h 6m 30s
                                                                                                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                      Report type:full
                                                                                                                                                                                                                                                      Cookbook file name:default.jbs
                                                                                                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                      Number of analysed new started processes analysed:33
                                                                                                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                                                                                                      Number of injected processes analysed:0
                                                                                                                                                                                                                                                      Technologies:
                                                                                                                                                                                                                                                      • HCA enabled
                                                                                                                                                                                                                                                      • EGA enabled
                                                                                                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                                                                                                      Analysis stop reason:Timeout
                                                                                                                                                                                                                                                      Sample name:SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe
                                                                                                                                                                                                                                                      Detection:MAL
                                                                                                                                                                                                                                                      Classification:mal100.troj.spyw.evad.winEXE@74/269@26/24
                                                                                                                                                                                                                                                      EGA Information:
                                                                                                                                                                                                                                                      • Successful, ratio: 50%
                                                                                                                                                                                                                                                      HCA Information:
                                                                                                                                                                                                                                                      • Successful, ratio: 98%
                                                                                                                                                                                                                                                      • Number of executed functions: 50
                                                                                                                                                                                                                                                      • Number of non-executed functions: 7
                                                                                                                                                                                                                                                      Cookbook Comments:
                                                                                                                                                                                                                                                      • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                      Warnings

                                                                                                                                                                                                                                                      • Exclude process from analysis (whitelisted): dllhost.exe, BackgroundTransferHost.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                                                      • Excluded IPs from analysis (whitelisted): 184.30.131.245, 172.217.18.3, 142.250.184.238, 173.194.76.84, 199.232.214.172, 142.250.181.238, 142.250.74.195, 142.250.186.138, 142.250.184.234, 172.217.16.138, 142.250.74.202, 142.250.185.234, 142.250.185.170, 142.250.186.42, 142.250.185.202, 216.58.206.42, 142.250.186.74, 142.250.186.170, 142.250.185.74, 142.250.181.234, 142.250.186.106, 142.250.184.202, 172.217.16.202, 142.250.186.46, 2.18.97.153, 172.217.18.10, 216.58.206.74, 13.107.42.16, 13.107.21.239, 204.79.197.239, 142.250.185.78, 13.107.6.158, 4.231.66.184, 88.221.110.211, 88.221.110.179, 88.221.110.251, 88.221.110.248, 2.19.122.49, 2.19.122.54, 2.19.122.46, 2.19.122.56, 2.19.122.52, 2.19.122.55, 2.19.122.44, 2.19.122.48, 2.19.122.45, 2.16.164.121, 2.16.164.65, 2.22.242.121, 2.22.242.82, 142.250.80.67, 142.251.32.99, 2.19.122.21, 13.107.253.45, 20.109.210.53, 20.223.35.26, 2.19.122.5, 150.171.28.10, 2.19.122.31, 94.245.104.56, 40.126.32.140, 172.183.192.109, 13.107.246.40, 23.200.0.33, 104.117.182.59, 20.22
                                                                                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, img-s-msn-com.akamaized.net, data-edge.smartscreen.microsoft.com, tse1.mm.bing.net, clientservices.googleapis.com, g.bing.com, fs-wildcard.microsoft.com.edgekey.net, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, config-edge-skype.l-0007.l-msedge.net, login.live.com, e16604.g.akamaiedge.net, www.gstatic.com, l-0007.l-msedge.net, star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, www.bing.com, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, ogads-pa.googleapis.com, prod-atm-wds-edge.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, a1834.dscg2.akamai.net, c.bing.com, edgeassetservice.azureedge.net, clients.l.google.com, mira.config.skype.com, config.edge.skype.com.trafficmanager.net, otelrules.afd.azureedge.net, fs-wildcard.microsoft.com.edgek
                                                                                                                                                                                                                                                      • Execution Graph export aborted for target SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe, PID 3268 because there are no executed function
                                                                                                                                                                                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                                                                      • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                                                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                      Simulations

                                                                                                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                                                                                                      No simulations

                                                                                                                                                                                                                                                      Joe Sandbox View / Context

                                                                                                                                                                                                                                                      IPs

                                                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                      2.22.242.11pothjasefdj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                        setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                          Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                            bot2.exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                              seethebestthingswithbstteamworkgiven.htaGet hashmaliciousCobalt Strike, RemcosBrowse
                                                                                                                                                                                                                                                                random.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                  NF_e.msiGet hashmaliciousAteraAgentBrowse
                                                                                                                                                                                                                                                                    7OmeyJ9pug.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      Document-0191536.pdf.lnk.download.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        82.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                          20.189.173.13https://click.mailchimp.com/track/click/30010842/forms.office.com?p=eyJzIjoiUU5MTE43blNUdEQxbUdOR3lwdVJ3M1kyVHBzIiwidiI6MSwicCI6IntcInVcIjozMDAxMDg0MixcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Zvcm1zLm9mZmljZS5jb21cXFwvUGFnZXNcXFwvU2hhcmVGb3JtUGFnZS5hc3B4P2lkPWkwYWxtWEtzYWtDTnNoUThad2JsWnVHaXRELXJkRk5MbngxZkVDU0RBUGRVT1VWWE9WSTJUa0ZNVFRaSU1EUldUa2RZVmtWSlEwczBVUzR1JnNoYXJldG9rZW49cWhZMVVQRWtyM0NGdjJpcUlpTUtcIixcImlkXCI6XCIzYjUxMDE1ZDY0ODc0ZDdkOWMwNjg2OGM5Y2M5OWVjOFwiLFwidXJsX2lkc1wiOltcIjVkMTg5YTdhMzU1NWIyZWQ5ZjBlNmQ4ZTM3MWFjZmM1ZDE4NzMwYmRcIl19In0Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                            https://herbertgschwend-my.sharepoint.com/:u:/g/personal/hg_gschwend-immobilien_de/EXS9Sw4TFC5Inr36Wv80H7EB-SinU6tgDzHWjKCYjfZgDw?e=QtSQPgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                              Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                https://forms.office.com/Pages/ShareFormPage.aspx?id=iTARqgAd5UqV7QMdokx8z5JQ4K3tn3VMnOw2L2-4Y1tUQzFZOEUySUhJNFFWWTUxSjFORUVGUVNVNi4u&sharetoken=iZc5orqlj4ABtC30rQXFGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                  phishing.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    https://aMER.ethamoskag.ru/0cUrcw3/#Mbob@bobco.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                      file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                        http://login.nojustgive.com/ueAQYUzzGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                          file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                            DSCI5829.jpgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              18.244.18.27http://amazon.org.bz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                https://storage.googleapis.com/salesflow25/eranewmar.html#?Z289MSZzMT0yMDU1MzQ3JnMyPTM0ODY1OTg4MCZzMz1HTEI=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  https://storage.googleapis.com/salesflow25/eranewmar.html#?Z289MSZzMT0yMDU1MzU1JnMyPTkwNTI3Njc0JnMzPUdMQg==Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      http://%5B%22https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Femail.bcbssettlement.com%2Fc%2FeJxkzL1OwzAQAOCnscfIPv9m8IAgERVqQRTm6OxcVaPERcnB87Owdf_0zclG8M5JSjqY2Gvd91FekzYqO3LxgkXb4rxykA1hCME4F0KRNYECp0AFFZQ3sQNvvLUzImU7a62FVbnkfSfmhVZq3JXbKpd0Zf7ehXkQMAoYdyo_G3X3UsA4E9O21oZcb01u6YuwUaOON7zUgo1JWIVLrv83p_Pzy_T2PhwPn8fp9PpxeBym83B6kr8J_gIAAP__kjFIFA&data=05%7C02%7Cjeanene.traficante%40albint.com%7C1fdf299aa52a4a651cc208dd4745f85b%7Cff3d33ae31364152812675e51f4a1404%7C0%7C0%7C638745088046675413%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=fGCIRyUUbeFPm7FcRl%2FZ7oH%2FXi3jt5H1pOFROm4%2BJoY%3D&reserved=0%22,%20%222f9fb485af706049f5d23654ae36fb8f%22%5DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        https://tt.vg/notificareDPD02Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          https://mettameasklogin.webflow.io/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            SoftWareGX.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                              https://heefs-groovy-site.webflow.io/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                http://stanbertoffers.click/4xFgwV139915ipNJ514dvzfmemwpo139YTREKXCYUQWGBDX102904ZWMR259j9&c=E,1,Mg5xzd4F6yN_08RkJ8ZoXndUhGAmmJ-gtxbsVZs8CZuTYm1hE4lOk2y227mHEyugNLXhbaCsaCuIQsiVrfCvRShqAIJqrNeiK2DnCF70STWt4rT0KKns-RM,&typo=1Get hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                                                                  149.154.167.99http://45.142.208.144.sslip.io/blog/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/img/emoji/40/F09F9889.png
                                                                                                                                                                                                                                                                                                                  http://xn--r1a.website/s/ogorodruGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/img/favicon.ico
                                                                                                                                                                                                                                                                                                                  http://cryptorabotakzz.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/
                                                                                                                                                                                                                                                                                                                  http://cache.netflix.com.id1.wuush.us.kg/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/dl?tme=fe3233c08ff79d4814_5062105595184761217
                                                                                                                                                                                                                                                                                                                  http://investors.spotify.com.sg2.wuush.us.kg/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/
                                                                                                                                                                                                                                                                                                                  http://bekaaviator.kz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/
                                                                                                                                                                                                                                                                                                                  http://telegramtw1.org/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/?setln=pl
                                                                                                                                                                                                                                                                                                                  http://makkko.kz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.org/
                                                                                                                                                                                                                                                                                                                  http://telegram.dogGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • telegram.dog/
                                                                                                                                                                                                                                                                                                                  LnSNtO8JIa.exeGet hashmaliciousCinoshi StealerBrowse
                                                                                                                                                                                                                                                                                                                  • t.me/cinoshibot

                                                                                                                                                                                                                                                                                                                  Domains

                                                                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                  t.mehttps://cwnwnetfekjc.club/Get hashmaliciousTelegram PhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  https://www-teiegram.vip/Get hashmaliciousTelegram PhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  pothjasefdj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  nbyiksfthaed.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  3e#U043d.docGet hashmaliciousEternity StealerBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  21ruAkL7XB.exeGet hashmaliciousAmadey, VidarBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  http://metg.pro/covrrOUlimGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  http://hotmoneyguard.vercel.app/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  chrome.cloudflare-dns.comhttps://www.jumbomail.me/j/4W3aiJGGX0a31AcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                                                                  pothjasefdj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                                                                  nbyiksfthaed.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                                                                  wYfLzVg.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                                                                  us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                                                                  Video e audio violati.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                                                                  setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                                                                  bat.batGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                                                                  main1(2).exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                                                                  bot2.exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                                                                  a416.dscd.akamai.netpothjasefdj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.11
                                                                                                                                                                                                                                                                                                                  nbyiksfthaed.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.105
                                                                                                                                                                                                                                                                                                                  wYfLzVg.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 2.19.11.120
                                                                                                                                                                                                                                                                                                                  us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 2.19.11.112
                                                                                                                                                                                                                                                                                                                  setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.11
                                                                                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.11
                                                                                                                                                                                                                                                                                                                  bat.batGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.105
                                                                                                                                                                                                                                                                                                                  main1(2).exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.105
                                                                                                                                                                                                                                                                                                                  bot2.exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.11
                                                                                                                                                                                                                                                                                                                  21ruAkL7XB.exeGet hashmaliciousAmadey, VidarBrowse
                                                                                                                                                                                                                                                                                                                  • 2.16.164.33
                                                                                                                                                                                                                                                                                                                  a-0003.a-msedge.netSecuriteInfo.com.TrojanLoader.MSIL.DaVinci.Heur.10350.31223.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  pothjasefdj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  nbyiksfthaed.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  wYfLzVg.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  bat.batGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  main1(2).exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  bot2.exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203

                                                                                                                                                                                                                                                                                                                  ASNs

                                                                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                  TELEGRAMRUhttps://cwnwnetfekjc.club/Get hashmaliciousTelegram PhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  https://dnaxpaylterz-nw8.infoo.online/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.164.13
                                                                                                                                                                                                                                                                                                                  https://idx-dnaxpayltersz-kz3.infoo.online/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.164.13
                                                                                                                                                                                                                                                                                                                  https://goloss-tghot.sbs/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  https://www-teiegram.vip/Get hashmaliciousTelegram PhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  girpwkfuejs.exeGet hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                                                                  pothjasefdj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  nbyiksfthaed.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  FMFphP3A1e.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                                                                                  us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  AMAZON-02USna.elfGet hashmaliciousPrometeiBrowse
                                                                                                                                                                                                                                                                                                                  • 54.171.230.55
                                                                                                                                                                                                                                                                                                                  https://www.jumbomail.me/j/4W3aiJGGX0a31AcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 52.222.236.78
                                                                                                                                                                                                                                                                                                                  r53YFSyurTyIZZMd.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                  • 13.248.169.48
                                                                                                                                                                                                                                                                                                                  res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 18.139.80.242
                                                                                                                                                                                                                                                                                                                  res.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 13.219.95.255
                                                                                                                                                                                                                                                                                                                  4gVY26kKPX.exeGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                                                                                                                                  • 52.49.62.117
                                                                                                                                                                                                                                                                                                                  http://68.183.190.199Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 54.246.165.21
                                                                                                                                                                                                                                                                                                                  https://bafybeiapgh4ue5jhezdin5eetliugobtaj6ktvugeeungdat4rjzvovq2i.ipfs.flk-ipfs.xyz/?client#dlhistoric_mea@maryland.govGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 13.33.187.111
                                                                                                                                                                                                                                                                                                                  SecuriteInfo.com.Linux.Siggen.8345.3807.32336.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 54.171.230.55
                                                                                                                                                                                                                                                                                                                  SecuriteInfo.com.Trojan.Linux.GenericKD.24542.30377.7811.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 54.171.230.55
                                                                                                                                                                                                                                                                                                                  AKAMAI-ASN1EUhttps://www.jumbomail.me/j/4W3aiJGGX0a31AcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 23.33.40.16
                                                                                                                                                                                                                                                                                                                  37f9658.exeGet hashmaliciousLummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.139
                                                                                                                                                                                                                                                                                                                  http://68.183.190.199Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 2.21.65.136
                                                                                                                                                                                                                                                                                                                  4289658.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.139
                                                                                                                                                                                                                                                                                                                  3dd9658.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.82
                                                                                                                                                                                                                                                                                                                  43a9658.exeGet hashmaliciousLummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.82
                                                                                                                                                                                                                                                                                                                  https://experttradings.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 2.22.242.114
                                                                                                                                                                                                                                                                                                                  http://fedx-express.top/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 95.101.182.74
                                                                                                                                                                                                                                                                                                                  http://ecovvorxusa.com/palcemlmxzcnanw.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 95.101.182.74
                                                                                                                                                                                                                                                                                                                  http://kemitraansubsidi-pertamina.craftto.web.id/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 88.221.110.155
                                                                                                                                                                                                                                                                                                                  MICROSOFT-CORP-MSN-AS-BLOCKUShttps://www.jumbomail.me/j/4W3aiJGGX0a31AcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 13.107.42.14
                                                                                                                                                                                                                                                                                                                  res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 21.127.208.196
                                                                                                                                                                                                                                                                                                                  res.mips.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 20.187.1.25
                                                                                                                                                                                                                                                                                                                  SecuriteInfo.com.TrojanLoader.MSIL.DaVinci.Heur.10350.31223.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                  • 204.79.197.203
                                                                                                                                                                                                                                                                                                                  http://68.183.190.199Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 13.107.42.14
                                                                                                                                                                                                                                                                                                                  4289658.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 13.107.246.61
                                                                                                                                                                                                                                                                                                                  3dd9658.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 13.107.246.61
                                                                                                                                                                                                                                                                                                                  http://fedx-express.top/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 20.10.16.51
                                                                                                                                                                                                                                                                                                                  http://3656xx.vip/index.htmlGet hashmaliciousBet365 PhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 20.239.97.157
                                                                                                                                                                                                                                                                                                                  https://m17xlwv2.nhubiubuniunuion.workers.dev/?username=&sso_reload=trueGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 13.107.42.14

                                                                                                                                                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                  1138de370e523e824bbca92d049a3777185.7.214.54.ps1Get hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  http://fedx-express.top/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  http://bafybeib7jlno5fzb4pahur7qloay2ivw2it64wctlpircwy6vjdob4rs5y.ipfs.dweb.link/06461746120796F7589.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  http://kemitraansubsidi-pertamina.craftto.web.id/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  http://anpost-rescheduledelivery.com/pages?p=personal-detailsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  https://regularizar-pago-netflix.com/sus.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  https://blockrequestbrandlaunch.vercel.app/appeal&formGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  https://53onlinevalidate.weebly.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  https://sso-en-uphold-com--cdn-auth.webflow.io/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  https://idx-dnaxpayltersz-kz3.infoo.online/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                                                                  6271f898ce5be7dd52b0fc260d0662b3185.7.214.54.ps1Get hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  Please Complete Contracts 06884 (8.48 KB).msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  ''Draft-Contract.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  Citar.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  ORDER 5172025.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  ''Draft-Contract.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  Citar.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  ORDER 5172025.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  https://bxz-dnaxpayltersz-nw.infoo.online/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  https://bookcptereserves.com/?hotel/hoteladmin/extranet_ng/manage/booking.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                                                                  3b5074b1b5d032e5620f69f9f700ff0e9I1FsRE6Cf.exeGet hashmaliciousQuasarBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  TC DESCRIPTION ZHONG MENG HANG LIAN.pdf.scr.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  MV KLC TBN TC DESCRIPTION.doc.scr.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  37f9658.exeGet hashmaliciousLummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  HQ2O2lKvcg.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  43a9658.exeGet hashmaliciousLummaC Stealer, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  PO#FVW24-419.415.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  https://experttradings.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  https://mweb.datalinks.cfd/?Auth=W955LAaA1GiRT7z4LO5kbp9gVgbWFzzVGVFDLGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  https://scandalous-seen-venom.glitch.me/public/get.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 40.113.103.199
                                                                                                                                                                                                                                                                                                                  37f463bf4616ecd445d4a1937da06e19SecuriteInfo.com.TrojanLoader.MSIL.DaVinci.Heur.10350.31223.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  oiuyjikdkjg.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  pothjasefdj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  nbyiksfthaed.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  wYfLzVg.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  random.exeGet hashmaliciousAmadey, LummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  us.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  SecuriteInfo.com.Trojan.DownLoader19.10887.56.7494.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  Tilintetgrelsen.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                                                                                  setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  • 88.99.124.230
                                                                                                                                                                                                                                                                                                                  • 149.154.167.99

                                                                                                                                                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                                                                                                                                                  No context

                                                                                                                                                                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\6xt0ri

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):106496
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.136471148832945
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
                                                                                                                                                                                                                                                                                                                  MD5:37B1FC046E4B29468721F797A2BB968D
                                                                                                                                                                                                                                                                                                                  SHA1:50055EF1C50E4C1A7CCF7D00620E95128E4C448B
                                                                                                                                                                                                                                                                                                                  SHA-256:7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
                                                                                                                                                                                                                                                                                                                  SHA-512:1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\79h47yuk6

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):51200
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.8745947603342119
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
                                                                                                                                                                                                                                                                                                                  MD5:378391FDB591852E472D99DC4BF837DA
                                                                                                                                                                                                                                                                                                                  SHA1:10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
                                                                                                                                                                                                                                                                                                                  SHA-256:513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
                                                                                                                                                                                                                                                                                                                  SHA-512:F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\9rieus

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):155648
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                                                                                                  MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                                                                                                  SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                                                                                                  SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                                                                                                  SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\kfcjwb

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):10237
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.498288591230544
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:/nTFTRRFYbBp6SLZNMGaXU6qU4rzy+/3/OYiNBw8D7Sl:LreDFNMroyrdw60
                                                                                                                                                                                                                                                                                                                  MD5:0F58C61DE9618A1B53735181E43EE166
                                                                                                                                                                                                                                                                                                                  SHA1:CC45931CF12AF92935A84C2A015786CC810AEC3A
                                                                                                                                                                                                                                                                                                                  SHA-256:AE9C3109DD23F391DC58C564080932100F55C8E674176D7911D54FB0D3417AE0
                                                                                                                                                                                                                                                                                                                  SHA-512:DEA527C22D4AA607B00FBBCC1CDD9C6B69E92EC3B1B14649A086E87258AAD5C280BFB2835C165176E8759F575AA39D1B58E25CB40F60C7E88D94243A874B71BE
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\kxl689

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):159744
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                                                                                                  MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                                                                                                  SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                                                                                                  SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                                                                                                  SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\r90rq1

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):196608
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.2676702371761548
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:384:L/2qOB1nxCkM4SA1LyKOMq+8iP5GDHP/0jMVum4:Kq+n0J491LyKOMq+8iP5GLP/0R
                                                                                                                                                                                                                                                                                                                  MD5:4DE3AD38A3C964D3D582CA6D673BF60B
                                                                                                                                                                                                                                                                                                                  SHA1:56A18B2A740354FD102C03797AFC76C007E742EF
                                                                                                                                                                                                                                                                                                                  SHA-256:3C623E6B0510CD50DF46A1174C4FBD889FE618F3C63145D2B8ECDE69E2D8385E
                                                                                                                                                                                                                                                                                                                  SHA-512:F22C529402B7D1C0A856E9CE77EBBD280B5C6999C92AECBE4184200D0F5A99278AF6BF2E09DD779BDAD41395BBEB9693E4D974832D00DFEBF3F04CFB3068EAE0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......[...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\ua1djw

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):98304
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                                                  MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                                                  SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                                                  SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                                                  SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\uaa1dt

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 2, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):294912
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.08436837154972243
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:5va0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23v2:51zkVmvQhyn+Zoz67f
                                                                                                                                                                                                                                                                                                                  MD5:BDDB3A7A4643B027E8E743D32B86297D
                                                                                                                                                                                                                                                                                                                  SHA1:AACAA39E60FB34908241F75550B1CEDDA50E37D1
                                                                                                                                                                                                                                                                                                                  SHA-256:13BC4A6A15651C116209341E97255C67980005927DFD9E91236E2E1517AF97EF
                                                                                                                                                                                                                                                                                                                  SHA-512:9A6244248CA636DB12AEC2E56DEAEAA2D62ED8378EA5A1D9947938DA15CA66BC4EDF11BF7CCC92E43734449EBECD03CF538BB61FCF90798DEBFD65098BC2A444
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j......z<.{...{.{a{.z.z<z.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\ProgramData\y5fct\xtjwtj5fu

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40960
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                                  MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                                                  SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                                                  SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                                                  SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0b2ea5c7-4690-46a7-9f6a-d5b42f5ca252.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44898
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.095558726535502
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kW0e/i1zNtzdjxMsUKNq9XnXXtoQEsKJDSgzMMd6qDg:+/Ps+wsI7yn7/djxgKSKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:361B07240D2E00B40B939D419E88C2A7
                                                                                                                                                                                                                                                                                                                  SHA1:AD336F91A1C1323A12ACC850C8CBD0F55E9D6A86
                                                                                                                                                                                                                                                                                                                  SHA-256:7A859B234375FF9E1BDB6BDF8966B81F1694C82BEF4D629F3C2FF7FF179FB548
                                                                                                                                                                                                                                                                                                                  SHA-512:A70676E12F3BCC635D6549D2B64A6C579635481E2797E4258CF0890B46722707C345A6BEC791AFFDCD4B14C1A1D0FE3FA825D6BAC91B3FFA7CCF4C0DB3436D25
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\3e2e533f-65a0-40f1-aef7-4f7573279ced.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.640166853701547
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7j:fwUQC5VwBIiElEd2K57P7j
                                                                                                                                                                                                                                                                                                                  MD5:F31FD8A6CEDD22935337E13C8DC79A93
                                                                                                                                                                                                                                                                                                                  SHA1:30CCCCC27C35266D73A76BAA762DFF5828F2346F
                                                                                                                                                                                                                                                                                                                  SHA-256:C49AC4EBBB25DBD5DF6C5B50E23A7ACFC341A851A02258BA5DEA245DD355BC51
                                                                                                                                                                                                                                                                                                                  SHA-512:CD11F36BC2CD8B57FE6E2EB0A2B65A78613D827BD68F0402F831A6808B897221A461955100EAA8D8B2D8A4311CB170B5D4EC7D1ED25A7C1A2834D6950B6A2DA0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.640166853701547
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7j:fwUQC5VwBIiElEd2K57P7j
                                                                                                                                                                                                                                                                                                                  MD5:F31FD8A6CEDD22935337E13C8DC79A93
                                                                                                                                                                                                                                                                                                                  SHA1:30CCCCC27C35266D73A76BAA762DFF5828F2346F
                                                                                                                                                                                                                                                                                                                  SHA-256:C49AC4EBBB25DBD5DF6C5B50E23A7ACFC341A851A02258BA5DEA245DD355BC51
                                                                                                                                                                                                                                                                                                                  SHA-512:CD11F36BC2CD8B57FE6E2EB0A2B65A78613D827BD68F0402F831A6808B897221A461955100EAA8D8B2D8A4311CB170B5D4EC7D1ED25A7C1A2834D6950B6A2DA0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67ADA0FB-1E90.pma

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.44920916541092376
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:oPE45qRdIeG+tCVYlR98qdZGXsb1s3aHEC57ar:FG+HOa
                                                                                                                                                                                                                                                                                                                  MD5:1ECA6FB60DAFC11506D82FFC2780C7D3
                                                                                                                                                                                                                                                                                                                  SHA1:A584D47D58C8197B7751BAF5B5D386C99D35FEB4
                                                                                                                                                                                                                                                                                                                  SHA-256:8304266D0C82F8A115FA6AC602CF33A493A69048D1C07BD6A5DF7DC8A71661D1
                                                                                                                                                                                                                                                                                                                  SHA-512:EB9DEFFC5CCFEFF70997662A5D9201BB621B622D7A453D2845AB11853F55893A445B8935725C12A9F6B61FB776DE342295EA032AEFF4F72857B3A9B34DE79278
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:...@..@...@.....C.].....@...................................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30...............117.0.2045.55-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".gkmxum20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J...I.r.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@....................................w..U?:K...G...W6.>.........."....."...24.."."+jDg7C0j+BlQ1Nj+QPG7Safjq+2ZvoQsMhxZL1Gpc+U="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...Nb.X9.I@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2..............

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):280
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.0984945491284295
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:FiWWltlcUpPmPIijS3XbnbO6YBVP/Sh/JzvbYuDRBOc7cEJHCll:o1cUh4Y3LbO/BVsJDbYuDRBOycd
                                                                                                                                                                                                                                                                                                                  MD5:AFAC5E4CC1213807ACB7D1A0F61BCF99
                                                                                                                                                                                                                                                                                                                  SHA1:FEDCA0A829A0DBCCD1E9D7048398372FF9604783
                                                                                                                                                                                                                                                                                                                  SHA-256:FF48F538CBF3D665C9B115D6F3F6459E0CD7D9DF368E921E5A4BF2CA88E3C55F
                                                                                                                                                                                                                                                                                                                  SHA-512:44F1A7E8C8DD1D5CE625AE26ED4074900A979ACD34BAFB3D3B354145690D37D34E07F2D0D9DEE81BE80EAFA9E3973AB11AD6E85EB23A804958584D8DB4902D66
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:sdPC.....................cT..\.E.....P."+jDg7C0j+BlQ1Nj+QPG7Safjq+2ZvoQsMhxZL1Gpc+U="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................7aa5fc64-f4df-45d8-92ed-89470ca1c2d2............

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3ba91e99-1e29-4ed1-9544-d50d39ab4aaf.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):115717
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                  MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                  SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                  SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                  SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4a61891d-802e-4736-9c0e-5827c7b49a8b.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):14242
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.293627136148604
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:sthJ99QTryDigabatSuypYsIEaFvrEjzixjkrzHYiC8FbV+FDhQwgOO3iPqYJ:sthPGKSu4YsIECDizu4bGFQwTO34
                                                                                                                                                                                                                                                                                                                  MD5:07CD55FDF7FEAA04078BF8560A4B63E5
                                                                                                                                                                                                                                                                                                                  SHA1:0B180B346F1F5B5640DB4DD4CF6834234D081C48
                                                                                                                                                                                                                                                                                                                  SHA-256:6B88A099A3AEF25F7EC2040A3E9BEAAFC9A5AE8A8994D8ECCF089735CA640595
                                                                                                                                                                                                                                                                                                                  SHA-512:06666798C4752AAFD64A6ABAC701D897C1186C457D25CE87771A43D2D32CA480BEB920EEA9F2ABF6C08725AF4FB06152FD5F4CBF06641E272AF7CCD66F74C931
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13383905788737322","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5a31c757-6b42-420c-8cf1-22547acdd7b8.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):13240
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.216270672046828
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:sthJ99QTryDigabatSuypYsIEaFvrE9kngHYOC8FbV+FDhQwgxpUiPqYJ:sthPGKSu4YsIECDmbGFQwYK4
                                                                                                                                                                                                                                                                                                                  MD5:E55C1738B71C79AD92103E94ADFFA762
                                                                                                                                                                                                                                                                                                                  SHA1:BDBB2D0EBF4F8048723291CE409CD1AECDC004CF
                                                                                                                                                                                                                                                                                                                  SHA-256:61A24B7EDA9EF5236DEF39EA9388102827B6E8C14C92CFDD6531F122557233D4
                                                                                                                                                                                                                                                                                                                  SHA-512:0A74BFB904F8C3A4C2F1949F91515B5EECCCC3F1EB7F7C93AFF98F3594AE3A2A3A1B3400E3B8487ABDC747D51C9DC782CEBFADB052C5B3F0986594D6F125D039
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13383905788737322","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):33
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                                                  MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                                                  SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                                                  SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                                                  SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):313
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.244610811332842
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXH5fM1N723oH+Tcwtp3hBtB2KLl1HKBVq2PN723oH+Tcwtp3hBWsIFUv:7RsaYebp3dFLeBVvVaYebp3eFUv
                                                                                                                                                                                                                                                                                                                  MD5:E79F361A9B931FE53572F74C2F141B39
                                                                                                                                                                                                                                                                                                                  SHA1:7285950D232838F5BAE4ACBDB25B5716CCCACEF8
                                                                                                                                                                                                                                                                                                                  SHA-256:27976B99C04AFA405CBAE8A63C4849FB6CBE827072CEB4E3429444E0B267F127
                                                                                                                                                                                                                                                                                                                  SHA-512:2FDF34CFA61D9D6A5557EF709CF42C9C427322B0358053D328DD5880C69EF6A806A3103DEF6FF69069665FB12F674483C8FFD355CECBE854EF9AA63E77EE9A86
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:33.369 1f14 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2025/02/13-02:36:33.425 1f14 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                  Size (bytes):2163821
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.222857562395459
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24576:IbPMZpVIfI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:IbkZpVIfx2mjF
                                                                                                                                                                                                                                                                                                                  MD5:D2EB638F07C6FFEDC2A348160253627F
                                                                                                                                                                                                                                                                                                                  SHA1:7136947895E759FB3959E9FF8889FDCEC1A325F8
                                                                                                                                                                                                                                                                                                                  SHA-256:853A5E30CCB726DCE1635B49A0FA4F5443A2D8486364A6415D39C2547C7588D7
                                                                                                                                                                                                                                                                                                                  SHA-512:0274022D8741E26A97FF0898FEED83A28D14C957F7773290D97F060D0695EC3456C453122C2302BA85CA9D7B133B8D001C2FD8CB48F06FA72C5E032E8A1350D6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1.f.+.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340960289901340.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):337
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.073914422345657
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHzdwQ+q2PN723oH+Tcwt9Eh1tIFUtFHkdWZmw7HswQVkwON723oH+Tcwt9Ehx:7jKQ+vVaYeb9Eh16FUtKg/LQV5OaYebY
                                                                                                                                                                                                                                                                                                                  MD5:8702134AF8994CC215B0DBA4F820ADE9
                                                                                                                                                                                                                                                                                                                  SHA1:56D939DB713BD0043CCFD55F02F93BBA845AF240
                                                                                                                                                                                                                                                                                                                  SHA-256:EBB2AD4149DF5934CE7C034E97E96B0B905960FF799C881C83E5F83D05825FCF
                                                                                                                                                                                                                                                                                                                  SHA-512:CF02911D6A39742BF4EADAC6831E845B22344D6C7ED1C0AB873D255864EC4BFB3AD0ABCCDC1C872E51F2B54E9C2BB8CA9492983956CCBC08BDD43FC653598D16
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:33.339 c0c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/02/13-02:36:33.342 c0c Recovering log #3.2025/02/13-02:36:33.347 c0c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):337
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.073914422345657
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHzdwQ+q2PN723oH+Tcwt9Eh1tIFUtFHkdWZmw7HswQVkwON723oH+Tcwt9Ehx:7jKQ+vVaYeb9Eh16FUtKg/LQV5OaYebY
                                                                                                                                                                                                                                                                                                                  MD5:8702134AF8994CC215B0DBA4F820ADE9
                                                                                                                                                                                                                                                                                                                  SHA1:56D939DB713BD0043CCFD55F02F93BBA845AF240
                                                                                                                                                                                                                                                                                                                  SHA-256:EBB2AD4149DF5934CE7C034E97E96B0B905960FF799C881C83E5F83D05825FCF
                                                                                                                                                                                                                                                                                                                  SHA-512:CF02911D6A39742BF4EADAC6831E845B22344D6C7ED1C0AB873D255864EC4BFB3AD0ABCCDC1C872E51F2B54E9C2BB8CA9492983956CCBC08BDD43FC653598D16
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:33.339 c0c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2025/02/13-02:36:33.342 c0c Recovering log #3.2025/02/13-02:36:33.347 c0c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):28672
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.462610818480855
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBuv:TouQq3qh7z3bY2LNW9WMcUvBuv
                                                                                                                                                                                                                                                                                                                  MD5:01A6DE98D7CD5E0863FA79CE4E228CC4
                                                                                                                                                                                                                                                                                                                  SHA1:61AE7532DFD4CDAFBDA163D1E76E559713B8FAE1
                                                                                                                                                                                                                                                                                                                  SHA-256:A729019C590AF12392E7EA7718C18B84ABCE281FF2640E1F04523EE98A5FA2C8
                                                                                                                                                                                                                                                                                                                  SHA-512:F04F93B65B7E2704110FAF2E26EC0EE4FDA126A955F647EDB023530D97BC3EBB40E12A044B82E6C9A3627CB3DE29F5B40FA347387034388C8ECB261FA2DD2850
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):10240
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                                                                  MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                                                                  SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                                                                  SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                                                                  SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):352
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.18628691007048
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHe1MM+q2PN723oH+TcwtnG2tMsIFUtFHe1ZZmw7He1MMVkwON723oH+TcwtnB:7CN+vVaYebn9GFUtoZ/ONV5OaYebn95J
                                                                                                                                                                                                                                                                                                                  MD5:5E7AEB3229EA73D1835E2D5BEAFA3AB2
                                                                                                                                                                                                                                                                                                                  SHA1:FDB7991F094E96656A298E685B44DEDDEFFABAF1
                                                                                                                                                                                                                                                                                                                  SHA-256:D1CD0A288CC3AAA6840AA46BDA39A04911470067F4AE0AD36B6C378539377EFC
                                                                                                                                                                                                                                                                                                                  SHA-512:8D3868442C907AA10985558B0FF50BBB9A16C756B0627AE193169D510EA409E4ED1938C082A83DCDD7576157DBCC509DF0539A791CE65AD341B69DD25EF5FD63
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.639 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2025/02/13-02:36:27.639 1fac Recovering log #3.2025/02/13-02:36:27.639 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):352
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.18628691007048
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHe1MM+q2PN723oH+TcwtnG2tMsIFUtFHe1ZZmw7He1MMVkwON723oH+TcwtnB:7CN+vVaYebn9GFUtoZ/ONV5OaYebn95J
                                                                                                                                                                                                                                                                                                                  MD5:5E7AEB3229EA73D1835E2D5BEAFA3AB2
                                                                                                                                                                                                                                                                                                                  SHA1:FDB7991F094E96656A298E685B44DEDDEFFABAF1
                                                                                                                                                                                                                                                                                                                  SHA-256:D1CD0A288CC3AAA6840AA46BDA39A04911470067F4AE0AD36B6C378539377EFC
                                                                                                                                                                                                                                                                                                                  SHA-512:8D3868442C907AA10985558B0FF50BBB9A16C756B0627AE193169D510EA409E4ED1938C082A83DCDD7576157DBCC509DF0539A791CE65AD341B69DD25EF5FD63
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.639 1fac Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2025/02/13-02:36:27.639 1fac Recovering log #3.2025/02/13-02:36:27.639 1fac Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.6137882098932934
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:TLapR+DDNzWjJ0npnyXKUO8+jpYpy3XmL:TO8D4jJ/6Up+lLc
                                                                                                                                                                                                                                                                                                                  MD5:6E40A438E11F620F0E361C297C4FAE66
                                                                                                                                                                                                                                                                                                                  SHA1:BFDB748CE394D9C174ADB1867ACEE89F71B744A7
                                                                                                                                                                                                                                                                                                                  SHA-256:962C8BC944371D87EA176CAEA6D031E2E899711E340A11195505A0BBD613C824
                                                                                                                                                                                                                                                                                                                  SHA-512:5D0863F91D8AFE5BBFB17C4CC969F3EC4D421ECF9D14E9540335B6C6FCAE5ECA9A7553C7183DDBDA3B5FE5383250463E6A3AD5EC4D42FE22CC136C1302C01B2F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):375520
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.354036514045279
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:GA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:GFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                                                  MD5:8D81338D5EE3031AC5C8E27B27C64ECB
                                                                                                                                                                                                                                                                                                                  SHA1:B02403444A24C390B766DA66C387D0361C231D34
                                                                                                                                                                                                                                                                                                                  SHA-256:4ACB753383D584B582E03E97E2DA32837CFB314B7DE867001179B922A29EA465
                                                                                                                                                                                                                                                                                                                  SHA-512:D92558307C34BCF8FA15B8960193136FC20B386CAAD222544449F19CDA469BA2185494A7D3634431F8B20CEE3C67CB3EF9477EC4642FD7F408C3136EE72401DA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1H2u*q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13383905794660064..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):313
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.125497827795507
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXH7T1N723oH+Tcwtk2WwnvB2KLl1Ha9+q2PN723oH+Tcwtk2WwnvIFUv:7rzaYebkxwnvFLm4vVaYebkxwnQFUv
                                                                                                                                                                                                                                                                                                                  MD5:62F5C0DFEEB374E56A40BC4DD1C6F143
                                                                                                                                                                                                                                                                                                                  SHA1:3F3A5D647061C2DB3002701AD64CCB05D70E0F1F
                                                                                                                                                                                                                                                                                                                  SHA-256:8499FE711D1DB2332F2B55B5B6486538E2B5F5F39FD4E132769F73579F0A15D2
                                                                                                                                                                                                                                                                                                                  SHA-512:50A93CDDB7E2A77C88E8A5E7096B9CE4149D5DC6C0132C33C0F18FABC8BDAF53C9278915DD59D66D9499F6601F98553978FA86993B247EF74CF8CD1321603C60
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:33.331 9e8 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2025/02/13-02:36:33.392 9e8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                  Size (bytes):358860
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.3246203038643305
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RA:C1gAg1zfvY
                                                                                                                                                                                                                                                                                                                  MD5:6845F64ABC73E475470C892F25231D22
                                                                                                                                                                                                                                                                                                                  SHA1:5AD86A09F6F270083DA2241BDCCAC67E80E7B92E
                                                                                                                                                                                                                                                                                                                  SHA-256:3EB5C424A07627CC7DA1B72003BAB5DFA54157515EBDEED02B03DEBE1A0D1382
                                                                                                                                                                                                                                                                                                                  SHA-512:D4CCC3E41F8142297968237686046693B656154F70CFD3FFC4B625A54249F8A4118F066CB9AA2E8293631D45204C626467258C1F7247440498435CE9F4C19A2F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):418
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                  MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                  SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                  SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                  SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.150905792462925
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeQxOq2PN723oH+Tcwt8aPrqIFUtFHeYMBZmw7HeYMbkwON723oH+Tcwt8amd:7HxOvVaYebL3FUt6B/4b5OaYebQJ
                                                                                                                                                                                                                                                                                                                  MD5:EEFC7E29004019813072A4E4C8A2B8C9
                                                                                                                                                                                                                                                                                                                  SHA1:173F56DD380A6EF1754B55FAD77674FB912F3AAB
                                                                                                                                                                                                                                                                                                                  SHA-256:6988A1C59CD36FB57535C589CA75FB81EF38719E3C873C2C3A88103A4349B396
                                                                                                                                                                                                                                                                                                                  SHA-512:8FC06BA1F36360DAFF6BD42A72FEDCF19D83C204D322ECA1660F7817767CAA7B9F04B1D109C4112E0D26D9D6A577E3CE89CBA1C28A275900512E8041803EF336
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.724 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2025/02/13-02:36:27.725 1fb0 Recovering log #3.2025/02/13-02:36:27.725 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.150905792462925
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeQxOq2PN723oH+Tcwt8aPrqIFUtFHeYMBZmw7HeYMbkwON723oH+Tcwt8amd:7HxOvVaYebL3FUt6B/4b5OaYebQJ
                                                                                                                                                                                                                                                                                                                  MD5:EEFC7E29004019813072A4E4C8A2B8C9
                                                                                                                                                                                                                                                                                                                  SHA1:173F56DD380A6EF1754B55FAD77674FB912F3AAB
                                                                                                                                                                                                                                                                                                                  SHA-256:6988A1C59CD36FB57535C589CA75FB81EF38719E3C873C2C3A88103A4349B396
                                                                                                                                                                                                                                                                                                                  SHA-512:8FC06BA1F36360DAFF6BD42A72FEDCF19D83C204D322ECA1660F7817767CAA7B9F04B1D109C4112E0D26D9D6A577E3CE89CBA1C28A275900512E8041803EF336
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.724 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2025/02/13-02:36:27.725 1fb0 Recovering log #3.2025/02/13-02:36:27.725 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):418
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                  MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                  SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                  SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                  SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.171410464696148
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeKuDgq2PN723oH+Tcwt865IFUtFHegdZmw7HegvkwON723oH+Tcwt86+ULJ:7RuDgvVaYeb/WFUtv/X5OaYeb/+SJ
                                                                                                                                                                                                                                                                                                                  MD5:358E151B3C42E2D2793B763341CD502D
                                                                                                                                                                                                                                                                                                                  SHA1:F35249DE765B03BF36AA60A96C4937EC76662AC8
                                                                                                                                                                                                                                                                                                                  SHA-256:1414D387A10E7C209EB2153B54648C129405143CA238F43FDCDD638A3FCD6FE3
                                                                                                                                                                                                                                                                                                                  SHA-512:E9D8AE0E05B0E7B76FDE700CD813E34BD3606ABC0AA6E43B079CFE08CA6F135985D40E912EB7C89BE83FCFC7C72F6845386F3189FA919355BEE1DE3E293F46E9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.741 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2025/02/13-02:36:27.742 1fb0 Recovering log #3.2025/02/13-02:36:27.742 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.171410464696148
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeKuDgq2PN723oH+Tcwt865IFUtFHegdZmw7HegvkwON723oH+Tcwt86+ULJ:7RuDgvVaYeb/WFUtv/X5OaYeb/+SJ
                                                                                                                                                                                                                                                                                                                  MD5:358E151B3C42E2D2793B763341CD502D
                                                                                                                                                                                                                                                                                                                  SHA1:F35249DE765B03BF36AA60A96C4937EC76662AC8
                                                                                                                                                                                                                                                                                                                  SHA-256:1414D387A10E7C209EB2153B54648C129405143CA238F43FDCDD638A3FCD6FE3
                                                                                                                                                                                                                                                                                                                  SHA-512:E9D8AE0E05B0E7B76FDE700CD813E34BD3606ABC0AA6E43B079CFE08CA6F135985D40E912EB7C89BE83FCFC7C72F6845386F3189FA919355BEE1DE3E293F46E9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.741 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2025/02/13-02:36:27.742 1fb0 Recovering log #3.2025/02/13-02:36:27.742 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1254
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                                                                  MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                                                                  SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                                                                  SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                                                                  SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.125065525121197
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeiL+q2PN723oH+Tcwt8NIFUtFHeRam1Zmw7HeRawLVkwON723oH+Tcwt8+ed:7vyvVaYebpFUtSaA/MawR5OaYebqJ
                                                                                                                                                                                                                                                                                                                  MD5:E05314CA741A8F3B54D78AD75C26EF0F
                                                                                                                                                                                                                                                                                                                  SHA1:D72D06A3957FE5C56613B67E2D4436D96F75A1F5
                                                                                                                                                                                                                                                                                                                  SHA-256:F91B5230DFCCBD1F0B0564A2C2BF1AB88CF66EE18DD8C2D758713A555EE35F83
                                                                                                                                                                                                                                                                                                                  SHA-512:83B3A0D4AA64F10C6BB158BFD4BD8212F7B2F43EF6B50911F1905F11AA4D3F8B7F57FFB99DAE30E25441E959D70C2BCFCD52292815ED23A0A6D3164E027D614D
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:29.091 1f18 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2025/02/13-02:36:29.092 1f18 Recovering log #3.2025/02/13-02:36:29.092 1f18 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.125065525121197
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeiL+q2PN723oH+Tcwt8NIFUtFHeRam1Zmw7HeRawLVkwON723oH+Tcwt8+ed:7vyvVaYebpFUtSaA/MawR5OaYebqJ
                                                                                                                                                                                                                                                                                                                  MD5:E05314CA741A8F3B54D78AD75C26EF0F
                                                                                                                                                                                                                                                                                                                  SHA1:D72D06A3957FE5C56613B67E2D4436D96F75A1F5
                                                                                                                                                                                                                                                                                                                  SHA-256:F91B5230DFCCBD1F0B0564A2C2BF1AB88CF66EE18DD8C2D758713A555EE35F83
                                                                                                                                                                                                                                                                                                                  SHA-512:83B3A0D4AA64F10C6BB158BFD4BD8212F7B2F43EF6B50911F1905F11AA4D3F8B7F57FFB99DAE30E25441E959D70C2BCFCD52292815ED23A0A6D3164E027D614D
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:29.091 1f18 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2025/02/13-02:36:29.092 1f18 Recovering log #3.2025/02/13-02:36:29.092 1f18 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):429
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                                                  MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                                                  SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                                                  SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                                                  SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                  Size (bytes):8720
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.21861961848037048
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:iR9tFlljq7A/mhWJFuQ3yy7IOWUWKtdweytllrE9SFcTp4AGbNCV9RUIp:575fOYKtd0Xi99pEYn
                                                                                                                                                                                                                                                                                                                  MD5:C0F20124AA4DC2B4305E6D570D93736D
                                                                                                                                                                                                                                                                                                                  SHA1:D97E42CF637250E534E21A322177DCE03D5F21DF
                                                                                                                                                                                                                                                                                                                  SHA-256:042F8515318AECF4E7977B4E00D6ED75D7A771A214EA58D16E2D02CD7040EC53
                                                                                                                                                                                                                                                                                                                  SHA-512:2DDC4100D8864FCECFEADE1862F9ED4F08554DF59F6EBE3229317E00A56D47273D20C6D48C5DD44772C1C3CFBC2FC60E820E64F520729D54426BC98E17CCD179
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:..............y@...&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):115717
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                  MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                  SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                  SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                  SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 13, cookie 0x3, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):53248
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.4138449634132066
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:384:Fj9P0AjlUgam6I4P/KbtLcg773pLChfQkQerIRKToaAu:Fd7lLIP/Ng74Je2IRKcC
                                                                                                                                                                                                                                                                                                                  MD5:621808B98AD76E75A1AE5612BECB2971
                                                                                                                                                                                                                                                                                                                  SHA1:95D9291B61388734D7E5B93360C86F77069F1DFD
                                                                                                                                                                                                                                                                                                                  SHA-256:CA08DC666846E81BCF57F9F7E2930D4C6C4101598A3EE1189DB53E3DF34FD1E7
                                                                                                                                                                                                                                                                                                                  SHA-512:505B65AD969C5F6858E64582841A2D351A3A81CFB2279B07FA788419DC74AC3C4F940FB1C1BD4DA7C443B676FC84618E75A4CC7D8ED83D031257967765B06FBF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):412
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.207633519056939
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:7EvVaYeb8rcHEZrELFUtA/i5OaYeb8rcHEZrEZSJ:7uVaYeb8nZrExgPOaYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                  MD5:9F2F8F254E176644E6AAB8371C491359
                                                                                                                                                                                                                                                                                                                  SHA1:4C104636002F2CFA59AE26F82AB31E865062323B
                                                                                                                                                                                                                                                                                                                  SHA-256:F105D888440C16638160631E6E31847743D8EDC3C778AEBBD4ED4DC346CFC412
                                                                                                                                                                                                                                                                                                                  SHA-512:157C7024A65ABAFF72B19B7BBB52DCFF5B4046B62961A54A7BFE5E43608F97D6B67208A4979FAEAA1DF5FEAC26220F50C89197DD6486C229AAA98B18E13A3C94
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:33.070 1f10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2025/02/13-02:36:33.071 1f10 Recovering log #3.2025/02/13-02:36:33.071 1f10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):412
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.207633519056939
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:7EvVaYeb8rcHEZrELFUtA/i5OaYeb8rcHEZrEZSJ:7uVaYeb8nZrExgPOaYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                  MD5:9F2F8F254E176644E6AAB8371C491359
                                                                                                                                                                                                                                                                                                                  SHA1:4C104636002F2CFA59AE26F82AB31E865062323B
                                                                                                                                                                                                                                                                                                                  SHA-256:F105D888440C16638160631E6E31847743D8EDC3C778AEBBD4ED4DC346CFC412
                                                                                                                                                                                                                                                                                                                  SHA-512:157C7024A65ABAFF72B19B7BBB52DCFF5B4046B62961A54A7BFE5E43608F97D6B67208A4979FAEAA1DF5FEAC26220F50C89197DD6486C229AAA98B18E13A3C94
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:33.070 1f10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2025/02/13-02:36:33.071 1f10 Recovering log #3.2025/02/13-02:36:33.071 1f10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1171
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.6273744712725895
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:GZWIipo/RcNZLc8MkzrCAF5/XpLbJnmZVXCWwV0374qJMyG:GZ1ipo/RcN28MkvJXp2XRwV0374qCyG
                                                                                                                                                                                                                                                                                                                  MD5:BDE4DC570A4770B64642C6B417497FF1
                                                                                                                                                                                                                                                                                                                  SHA1:CAC2D96718E57906D42964499FDF60493F83A947
                                                                                                                                                                                                                                                                                                                  SHA-256:981ACC8ECA382FD55CC442F3EE41CCFFE3763915860D21088607A84A461427B6
                                                                                                                                                                                                                                                                                                                  SHA-512:7420409DAC0946B589C365E87EC1B46350496BDE9AA5176CD04A0EED7D8F6D0CFB8EF84350BCF80EF666039ECD17B9FD6E104B48BAD0202A2E72DA0B96653353
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:#.t3.................VERSION.1..META:https://ntp.msn.com............!_https://ntp.msn.com..LastKnownPV..1739432196316.._https://ntp.msn.com..MUID!.3AF11E0F011363DE0AF40B9D009962CB.%_https://ntp.msn.com..authRecordTrail...[{"time":"2025-02-13T07:36:36.234Z","action":"NUT","result":"SUCCESS","state":{"isSignedIn":false,"accountType":"UNSUPPORTED_SOVEREIGNTY","signedInAccounts":[0],"storage":{"elt":0,"lt":0,"aace":0,"ace":0,"app_anon":0,"anon":0,"app_wid":0},"appType":"edgeChromium","pageType":"dhp"}}].._https://ntp.msn.com..bkgdV...{"cachedVideoId":-1,"lastUpdatedTime":1739432196411,"schedule":[-1,-1,-1,33,9,-1,10],"scheduleFixed":[-1,-1,-1,33,9,-1,10],"simpleSchedule":[34,17,18,46,15,39,22]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20250212.627"}.*_https://ntp.msn.com..pivotSelectionSource..sticky.#_https://ntp.msn.com..selectedPiv

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):340
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.094179239555558
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeQI+q2PN723oH+Tcwt8a2jMGIFUtFHeTmZmw7HecUEW3VkwON723oH+Tcwtw:7y+vVaYeb8EFUt2m/XSV5OaYeb8bJ
                                                                                                                                                                                                                                                                                                                  MD5:ADF15F701BB9F5E5127A0C6415CE5C66
                                                                                                                                                                                                                                                                                                                  SHA1:78BB8A2A141CD3BB22D284427083248914A1AB25
                                                                                                                                                                                                                                                                                                                  SHA-256:388563AAB0AA51F1A43185ABEF768EFA027E8C00516A93CB627A2EBE26802045
                                                                                                                                                                                                                                                                                                                  SHA-512:6E5EA6D2E375DD217F5AE3B52761892DA7706F8C4D22B5C03E7D04B51F22CC493D730BD47FA0FE8A7278D46FA8088704341CD4924A75415A97E50555DA65438E
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:28.003 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2025/02/13-02:36:28.004 1a2c Recovering log #3.2025/02/13-02:36:28.007 1a2c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):340
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.094179239555558
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeQI+q2PN723oH+Tcwt8a2jMGIFUtFHeTmZmw7HecUEW3VkwON723oH+Tcwtw:7y+vVaYeb8EFUt2m/XSV5OaYeb8bJ
                                                                                                                                                                                                                                                                                                                  MD5:ADF15F701BB9F5E5127A0C6415CE5C66
                                                                                                                                                                                                                                                                                                                  SHA1:78BB8A2A141CD3BB22D284427083248914A1AB25
                                                                                                                                                                                                                                                                                                                  SHA-256:388563AAB0AA51F1A43185ABEF768EFA027E8C00516A93CB627A2EBE26802045
                                                                                                                                                                                                                                                                                                                  SHA-512:6E5EA6D2E375DD217F5AE3B52761892DA7706F8C4D22B5C03E7D04B51F22CC493D730BD47FA0FE8A7278D46FA8088704341CD4924A75415A97E50555DA65438E
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:28.003 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2025/02/13-02:36:28.004 1a2c Recovering log #3.2025/02/13-02:36:28.007 1a2c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\47388ace-746e-43ea-a22b-2a7f835f9310.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\641bf535-b00e-4784-8919-0b8b6d08c53f.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.7833996017968867
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:tT95shZjXggQBRBegzNHTcuBetE+a1jkXcf0L/ZJVb:V95GJgDBRBewc3m+xXI0LhJVb
                                                                                                                                                                                                                                                                                                                  MD5:B80F118AD225E4FA28C03F4772DDFD16
                                                                                                                                                                                                                                                                                                                  SHA1:1D63EC30AF49B72CA6913C48E41E5C95083D2FCE
                                                                                                                                                                                                                                                                                                                  SHA-256:79FC8496B9787F1C847086EC9B029F9E47DC57479953429828D60528FDCCCAD6
                                                                                                                                                                                                                                                                                                                  SHA-512:5055EBB7F2D7022C1560E740AAD66ACAEECB038A846EACE5D95D0691983CD934C0EE26B7C626CD1BA3DCF360B200E90FFE6140680B288AAC94DF21791E7740DD
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.28023271200259
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:T6IopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB+bY:OIEumQv8m1ccnvS6e+ii0h51a
                                                                                                                                                                                                                                                                                                                  MD5:0D2A09E7EEB553212BC5A509D0F1148B
                                                                                                                                                                                                                                                                                                                  SHA1:963FE5F7196CEDA45440A5F96E2CF7B50A0D6FCA
                                                                                                                                                                                                                                                                                                                  SHA-256:3124C48316165C658629C9A30CD99DA9C288216B2617AC9749B60C95FF0138F8
                                                                                                                                                                                                                                                                                                                  SHA-512:A8AD1EA38AD41CC3234CEA1A49533A8848B2F4B670E80C2C90777507CDCBA86764E32E87A087CDF451140A6B9CF4D614BEAF0BFAEBAF0B6054D9F52EC4F82B33
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF4757a.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF4873d.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF49017.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b4c12abe-aeb2-4e09-becb-ca21182d5644.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\f2cff764-c693-4518-88b0-ac055c44abeb.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ffbb9892-8304-4a91-b684-7c4ec23301d9.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.8350301952073809
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:TLSOUOq0afDdWec9sJlAMoqsgC7zn2z8ZI7J5fc:T+OUzDbg3sAM/sgCnn2ztc
                                                                                                                                                                                                                                                                                                                  MD5:0DAD8D7F079797377CD56DAE47E1A619
                                                                                                                                                                                                                                                                                                                  SHA1:A353C01C5B9BA9E0315ABA74D3337B7D6EE97CB2
                                                                                                                                                                                                                                                                                                                  SHA-256:7BDA584E0C1BE9E104065370FD279A7E771D7EB4F7E4CC7C80F146931F150E33
                                                                                                                                                                                                                                                                                                                  SHA-512:5A57C0D303672564DDEAA08B5DAAEE1BA24B67C46100720CE69F0908427ACE55F330D96A772D0E1F96B595FBBD70E6145AA464FC4F312EFE095F9AC909E304E8
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):13240
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.216270672046828
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:sthJ99QTryDigabatSuypYsIEaFvrE9kngHYOC8FbV+FDhQwgxpUiPqYJ:sthPGKSu4YsIECDmbGFQwYK4
                                                                                                                                                                                                                                                                                                                  MD5:E55C1738B71C79AD92103E94ADFFA762
                                                                                                                                                                                                                                                                                                                  SHA1:BDBB2D0EBF4F8048723291CE409CD1AECDC004CF
                                                                                                                                                                                                                                                                                                                  SHA-256:61A24B7EDA9EF5236DEF39EA9388102827B6E8C14C92CFDD6531F122557233D4
                                                                                                                                                                                                                                                                                                                  SHA-512:0A74BFB904F8C3A4C2F1949F91515B5EECCCC3F1EB7F7C93AFF98F3594AE3A2A3A1B3400E3B8487ABDC747D51C9DC782CEBFADB052C5B3F0986594D6F125D039
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13383905788737322","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4aeca.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):13240
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.216270672046828
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:sthJ99QTryDigabatSuypYsIEaFvrE9kngHYOC8FbV+FDhQwgxpUiPqYJ:sthPGKSu4YsIECDmbGFQwYK4
                                                                                                                                                                                                                                                                                                                  MD5:E55C1738B71C79AD92103E94ADFFA762
                                                                                                                                                                                                                                                                                                                  SHA1:BDBB2D0EBF4F8048723291CE409CD1AECDC004CF
                                                                                                                                                                                                                                                                                                                  SHA-256:61A24B7EDA9EF5236DEF39EA9388102827B6E8C14C92CFDD6531F122557233D4
                                                                                                                                                                                                                                                                                                                  SHA-512:0A74BFB904F8C3A4C2F1949F91515B5EECCCC3F1EB7F7C93AFF98F3594AE3A2A3A1B3400E3B8487ABDC747D51C9DC782CEBFADB052C5B3F0986594D6F125D039
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13383905788737322","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4fb83.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):13240
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.216270672046828
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:sthJ99QTryDigabatSuypYsIEaFvrE9kngHYOC8FbV+FDhQwgxpUiPqYJ:sthPGKSu4YsIECDmbGFQwYK4
                                                                                                                                                                                                                                                                                                                  MD5:E55C1738B71C79AD92103E94ADFFA762
                                                                                                                                                                                                                                                                                                                  SHA1:BDBB2D0EBF4F8048723291CE409CD1AECDC004CF
                                                                                                                                                                                                                                                                                                                  SHA-256:61A24B7EDA9EF5236DEF39EA9388102827B6E8C14C92CFDD6531F122557233D4
                                                                                                                                                                                                                                                                                                                  SHA-512:0A74BFB904F8C3A4C2F1949F91515B5EECCCC3F1EB7F7C93AFF98F3594AE3A2A3A1B3400E3B8487ABDC747D51C9DC782CEBFADB052C5B3F0986594D6F125D039
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13383905788737322","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):35286
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.558007184389551
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:OCY5+nWUAW5w6cf46P8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPHCIAN4drwXetdLiW:OhknLAWa6cf/Pu1ja44ymutdLfWtC
                                                                                                                                                                                                                                                                                                                  MD5:8F234D24A4A4C376ACCD71B48241224B
                                                                                                                                                                                                                                                                                                                  SHA1:4E10B209384C45B120485FE9B6F6BD15654345C6
                                                                                                                                                                                                                                                                                                                  SHA-256:18E4FF6E6664DC6B116969906226BE194B8F2E1A291B19E13FB8ED263EA5EF25
                                                                                                                                                                                                                                                                                                                  SHA-512:0B8FA3D7053729B34853A11290E1DA44C25D715AC8B86E8FFA0AA211C3FF049F26240E856A0F066ADD32E49CF7BFEDB6CBD49BBA2A570B355013A7FB17BE7A82
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13383905787597561","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13383905787597561","location":5,"ma

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF4ad72.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):35286
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.558007184389551
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:OCY5+nWUAW5w6cf46P8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPHCIAN4drwXetdLiW:OhknLAWa6cf/Pu1ja44ymutdLfWtC
                                                                                                                                                                                                                                                                                                                  MD5:8F234D24A4A4C376ACCD71B48241224B
                                                                                                                                                                                                                                                                                                                  SHA1:4E10B209384C45B120485FE9B6F6BD15654345C6
                                                                                                                                                                                                                                                                                                                  SHA-256:18E4FF6E6664DC6B116969906226BE194B8F2E1A291B19E13FB8ED263EA5EF25
                                                                                                                                                                                                                                                                                                                  SHA-512:0B8FA3D7053729B34853A11290E1DA44C25D715AC8B86E8FFA0AA211C3FF049F26240E856A0F066ADD32E49CF7BFEDB6CBD49BBA2A570B355013A7FB17BE7A82
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13383905787597561","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13383905787597561","location":5,"ma

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF4d492.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):35286
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.558007184389551
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:OCY5+nWUAW5w6cf46P8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPHCIAN4drwXetdLiW:OhknLAWa6cf/Pu1ja44ymutdLfWtC
                                                                                                                                                                                                                                                                                                                  MD5:8F234D24A4A4C376ACCD71B48241224B
                                                                                                                                                                                                                                                                                                                  SHA1:4E10B209384C45B120485FE9B6F6BD15654345C6
                                                                                                                                                                                                                                                                                                                  SHA-256:18E4FF6E6664DC6B116969906226BE194B8F2E1A291B19E13FB8ED263EA5EF25
                                                                                                                                                                                                                                                                                                                  SHA-512:0B8FA3D7053729B34853A11290E1DA44C25D715AC8B86E8FFA0AA211C3FF049F26240E856A0F066ADD32E49CF7BFEDB6CBD49BBA2A570B355013A7FB17BE7A82
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13383905787597561","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13383905787597561","location":5,"ma

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2394
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.808673257345727
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:F2xc5NmxY6cncmoDCRORpllg2hEqfRHhldCRORpllg2hggFCRORpllg2hElRHh6Y:F2emWMrd6qfBHrdi6rd6lBsrdzB6
                                                                                                                                                                                                                                                                                                                  MD5:F9CBC23851DE5C700F24DA0E08DCD8DC
                                                                                                                                                                                                                                                                                                                  SHA1:475A6124F588EC562DFAD48155E970C54FF04BD3
                                                                                                                                                                                                                                                                                                                  SHA-256:2EBF958347F8E7B3B73EAF7645731BF14951DD2C950B6735608227225228497F
                                                                                                                                                                                                                                                                                                                  SHA-512:085086598CA423EEC8686FCDCABD766327E05BB7FF765A712890A7CE77763B0FE8AA95C7983CB53076282260A9B2976B517157FECF9EFF45255AACF03184C72E
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2.o..................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.0......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true .(.0.8.......@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h.!p.x..................................REGID_TO_ORIGIN:0.https://ntp.msn.com/..RES:0.0.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmpt

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):303
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.178596846320799
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHshq1N723oH+TcwtE/a252KLl1HWL+q2PN723oH+TcwtE/a2ZIFUv:7cMaYeb8xLKyvVaYeb8J2FUv
                                                                                                                                                                                                                                                                                                                  MD5:F6419B02745ADF4BB40AB390DB51C157
                                                                                                                                                                                                                                                                                                                  SHA1:BB86D79DB49D5F21224A5FC70640275801F231F2
                                                                                                                                                                                                                                                                                                                  SHA-256:F83833811D01421A91873FD49241F4511EF62B7373877625A86064B0D9403171
                                                                                                                                                                                                                                                                                                                  SHA-512:B8197C94EA89B3185AF6639EE2C5214CB609C6E8D38A81FEF274505F975BD725CB742EBCC606F5C90337D802EAB9C993C8FAE3DAB9B1775DA0EEC611BD9050AD
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:37.478 1f18 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2025/02/13-02:36:37.493 1f18 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):116406
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.575420451949504
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:WI906CxPXfO8a1PEYeIlL/NvKKd1XCjA3DONDFCe8a0ZOl8fS6Lc3JdKP/zPXLRh:39LCxPXfO8a1P5eIlL/tKK1XGHOj
                                                                                                                                                                                                                                                                                                                  MD5:5BD8CEFBB391E54EDCDAD6329865F0B7
                                                                                                                                                                                                                                                                                                                  SHA1:B42F851D520471F96168D6165364359B3AD23690
                                                                                                                                                                                                                                                                                                                  SHA-256:BDC6AC7AE1D8546BD979B65D93E8AF338136B8542458B0B945D9BFD050601DA5
                                                                                                                                                                                                                                                                                                                  SHA-512:F5CC866A44B7F5F96830B306047AAC7689F6A6862DBBB05DA0DE5D6641ED4EFA132CB2A6F71D26E11E8C3662A5367650252B6F0EB83181C0EE3281FA296DA7E1
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):191657
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.390718634270574
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:h+OzERXo7yzO4wdB16gUw5L/M7XEEhTK5B3i9J34OP22wNZvP1eWOUlWtKLDCB0e:ggp4wvggUCL/OUaK5Zi9J34OP22wNZvY
                                                                                                                                                                                                                                                                                                                  MD5:5C889D67C64D2E78C47745E3177F44E1
                                                                                                                                                                                                                                                                                                                  SHA1:97A9912AA9DCFDC9D99B81E242B1E654BAFC81B0
                                                                                                                                                                                                                                                                                                                  SHA-256:88F4885564EDCA5AF54A2753A8F0CE87AD8BD3F4AF70BAA419891FD9AB41B0F4
                                                                                                                                                                                                                                                                                                                  SHA-512:D876AC8C19243AB69269554C88397FA777648B18E0ADA85B044F66C5307E3C92879DBE98E918232BCAD3B8D002897DBF3A3FEA5C7EAFF4CEBF78D903F603AF63
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:0\r..m..........rSG.....0...../...............R......yTP........,T.8..`,.....L`.....,T...`......L`......Rc>.......exports...Rc.!.....module....Rc.n.E....define....Rb"R.m....amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H........Q...V,.r{...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true.a........Db............D`.....A..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da.....i...,T.`.`z.....L`..........a............a.........Dr8..............

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):24
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                                                  MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                                                  SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                                                  SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                                                  SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:0\r..m..................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):72
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.55492787511957
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:RTJHFXAyXl/lXn/lxE4lt/Rm2us:PyKIoyo
                                                                                                                                                                                                                                                                                                                  MD5:9A9D4C01CFE4C242292F0D717A65082A
                                                                                                                                                                                                                                                                                                                  SHA1:8E5CEC141EE3B2025955D7DA45598A23744D8E9F
                                                                                                                                                                                                                                                                                                                  SHA-256:67030988AAD5D477D6B1AC9D316F50319EB0EF895AC2589DA2F45406354AA541
                                                                                                                                                                                                                                                                                                                  SHA-512:3921D596F15B82F12A968FD3266F4077B185C988D71EFF5380E0650C3F3A42241C77199392AA151202129A4FAD6305BEF9E2D5F98B1881681591FD8447A0CE3F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:@...$vK#oy retne.........................X....,...................f../.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):72
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.55492787511957
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:RTJHFXAyXl/lXn/lxE4lt/Rm2us:PyKIoyo
                                                                                                                                                                                                                                                                                                                  MD5:9A9D4C01CFE4C242292F0D717A65082A
                                                                                                                                                                                                                                                                                                                  SHA1:8E5CEC141EE3B2025955D7DA45598A23744D8E9F
                                                                                                                                                                                                                                                                                                                  SHA-256:67030988AAD5D477D6B1AC9D316F50319EB0EF895AC2589DA2F45406354AA541
                                                                                                                                                                                                                                                                                                                  SHA-512:3921D596F15B82F12A968FD3266F4077B185C988D71EFF5380E0650C3F3A42241C77199392AA151202129A4FAD6305BEF9E2D5F98B1881681591FD8447A0CE3F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:@...$vK#oy retne.........................X....,...................f../.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF4d7de.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):72
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.55492787511957
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:RTJHFXAyXl/lXn/lxE4lt/Rm2us:PyKIoyo
                                                                                                                                                                                                                                                                                                                  MD5:9A9D4C01CFE4C242292F0D717A65082A
                                                                                                                                                                                                                                                                                                                  SHA1:8E5CEC141EE3B2025955D7DA45598A23744D8E9F
                                                                                                                                                                                                                                                                                                                  SHA-256:67030988AAD5D477D6B1AC9D316F50319EB0EF895AC2589DA2F45406354AA541
                                                                                                                                                                                                                                                                                                                  SHA-512:3921D596F15B82F12A968FD3266F4077B185C988D71EFF5380E0650C3F3A42241C77199392AA151202129A4FAD6305BEF9E2D5F98B1881681591FD8447A0CE3F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:@...$vK#oy retne.........................X....,...................f../.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):7157
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.388742521902926
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:KCRisN6n72Uy0l6dVCUp+egi7iDcbJ0/gt8o4fIKDO:Kxs8qUy9p+PG5bm/gtjoO
                                                                                                                                                                                                                                                                                                                  MD5:3468BA394021A0438A262F3BA48EDBF4
                                                                                                                                                                                                                                                                                                                  SHA1:5A70849845B9DB8B29E1388815EFB95FBC76AF45
                                                                                                                                                                                                                                                                                                                  SHA-256:289B0A576A4FDFDB15E5E4E936E6015919460C4E75B780FD996A8E45065CC7ED
                                                                                                                                                                                                                                                                                                                  SHA-512:A4F2A2445526C09A9BBB98ABEC41DCE48A5C4C5C9EA51D9973EDD6ABD8E32D54F0E0EADB3742C747FAAEE2C300223162ED0814D3C66756E6FB973B180317D703
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................K.b................next-map-id.1.Cnamespace-ec0bc228_77f3_47f3_a497_d3342d6e99fd-https://ntp.msn.com/.0...P.................map-0-shd_sweeper.4{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.f.i.n.-.c.o.m.p.o.f.,.p.r.g.-.f.i.n.-.h.p.o.f.l.i.o.,.p.r.g.-.f.i.n.-.p.o.f.l.i.o.,.p.r.g.-.c.x.t.s.c.-.t.2.,.p.r.g.-.d.s.c.t.x.a.p.h.,.p.r.g.-.r.e.l.a.t.e.d.q.r.y.,.p.r.g.-.r.l.t.q.r.y.c.l.k.,.p.r.g.-.s.b.c.a.t.,.a.d.s.-.c.b.t.c.o.m.b.o.6.-.m.i.g.r.,.c.-.p.r.g.-.m.s.n.-.b.l.s.b.i.d.m.h.o.,.p.r.g.-.a.d.-.s.t.a.b.-.b.n.,.p.r.g.-.s.t.a.b.-.b.n.,.p.r.e.p.r.g.-.1.s.w.-.s.a.u.i.d.r.l.t.1.,.p.r.e.p.r.g.-.1.s.w.-.s.a.l.2.c.o.l.d.r.w.a.c.,.p.r.g.-.1.s.w.-.c.-.r.p.d.l.n.c.h.-.3.6.7.0.3.,.p.r.g.-.1.s.-.t.p.s.n.t.h.s.r.p.-.c.,.p.r.g.-.1.s.w.-.p.1.-.e.b.c.a.p.l.i.m.-.t.3.,.1.s.-.w.p.o.-.p.r.1.-.s.d.s.h.p.1.5.c.,.p.r.g.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.086074588164543
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHepI+q2PN723oH+TcwtrQMxIFUtFHeuvU+mZmw7HeuJU+iVkwON723oH+TcwJ:7z+vVaYebCFUtxvVm/fviV5OaYebtJ
                                                                                                                                                                                                                                                                                                                  MD5:DCBA9D63C7108E3B47589591D8CFD80C
                                                                                                                                                                                                                                                                                                                  SHA1:0FB71A9B22CC3163922DBC1C4AF8FF58EF5EA4E6
                                                                                                                                                                                                                                                                                                                  SHA-256:E94F6A896FD690B241056CA0F4753405F0BA2EC80D7B275C61659073A92A65C2
                                                                                                                                                                                                                                                                                                                  SHA-512:01D213DF8CB07558DA6427C27EB376A80B26BCBD7A7C2C5BD09C57B2E83BE9DC45BC9A1CD2D732B87A88307293392F5B636591B649ED8766DDB07E7BF089B7F6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:29.038 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2025/02/13-02:36:29.040 1a2c Recovering log #3.2025/02/13-02:36:29.046 1a2c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.086074588164543
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHepI+q2PN723oH+TcwtrQMxIFUtFHeuvU+mZmw7HeuJU+iVkwON723oH+TcwJ:7z+vVaYebCFUtxvVm/fviV5OaYebtJ
                                                                                                                                                                                                                                                                                                                  MD5:DCBA9D63C7108E3B47589591D8CFD80C
                                                                                                                                                                                                                                                                                                                  SHA1:0FB71A9B22CC3163922DBC1C4AF8FF58EF5EA4E6
                                                                                                                                                                                                                                                                                                                  SHA-256:E94F6A896FD690B241056CA0F4753405F0BA2EC80D7B275C61659073A92A65C2
                                                                                                                                                                                                                                                                                                                  SHA-512:01D213DF8CB07558DA6427C27EB376A80B26BCBD7A7C2C5BD09C57B2E83BE9DC45BC9A1CD2D732B87A88307293392F5B636591B649ED8766DDB07E7BF089B7F6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:29.038 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2025/02/13-02:36:29.040 1a2c Recovering log #3.2025/02/13-02:36:29.046 1a2c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13383905790098779

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1443
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.8165970332936228
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:3g05/OrPkWqpsAF4unx7WtLp3X2amEtG1Chqc24ZQKkOAM4:33lOrPktzFr4Lp2FEkChCHOp
                                                                                                                                                                                                                                                                                                                  MD5:9EA615EE702CA6B6B051B597632C633B
                                                                                                                                                                                                                                                                                                                  SHA1:86476D0600FD7B6D79591696B2E865A449E23C39
                                                                                                                                                                                                                                                                                                                  SHA-256:391A9D932DAFE543BA8B71254D35F1696B67FC22E79B858DB752DAB4197E334C
                                                                                                                                                                                                                                                                                                                  SHA-512:8814581127F2C09B71BC6BA83179F180879528365366CAC5B0CD22E272BEE9110323520D2D18D9A8DD5C7B90BF58B7CB2CFF8DBC02F12F7194BE84E853A07394
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SNSS.........9.............9......"..9.............9.........9.........9.........9....!....9.................................9..91..,.....9$...ec0bc228_77f3_47f3_a497_d3342d6e99fd.....9.........9....Q6...........9.....9.........................9....................5..0.....9&...{46F3A197-DB49-410A-81B3-94975C835573}.......9............9.........................9.............9........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x.......i.......j....................................... ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8............................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                                                  MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                                                  SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                                                  SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                                                  SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):356
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.1668358190944526
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHe/3+q2PN723oH+Tcwt7Uh2ghZIFUtFHejFJZmw7HelF9VkwON723oH+Tcwts:7GOvVaYebIhHh2FUtiJ/yt5OaYebIhHd
                                                                                                                                                                                                                                                                                                                  MD5:15C65A75936F553848457C7F6AF1F8BD
                                                                                                                                                                                                                                                                                                                  SHA1:4A9F920CB8EBACCBB8A2ED885F094DD8A9ECCAA2
                                                                                                                                                                                                                                                                                                                  SHA-256:090F0A74B55FB4A51088411F5D533A34E9B9FC52D0F6EA36F966D91B0F789A28
                                                                                                                                                                                                                                                                                                                  SHA-512:C40B431C9DFF97DFCF59C01D13B6116C9CFD8D6908C4683C1711A3AAD1F0D7C5A2778F33B0BEE37F6DC95AD2A951EB0FFF8401E1C8837B5DB40A6803C4DC1138
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.609 1f98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2025/02/13-02:36:27.612 1f98 Recovering log #3.2025/02/13-02:36:27.614 1f98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):356
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.1668358190944526
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHe/3+q2PN723oH+Tcwt7Uh2ghZIFUtFHejFJZmw7HelF9VkwON723oH+Tcwts:7GOvVaYebIhHh2FUtiJ/yt5OaYebIhHd
                                                                                                                                                                                                                                                                                                                  MD5:15C65A75936F553848457C7F6AF1F8BD
                                                                                                                                                                                                                                                                                                                  SHA1:4A9F920CB8EBACCBB8A2ED885F094DD8A9ECCAA2
                                                                                                                                                                                                                                                                                                                  SHA-256:090F0A74B55FB4A51088411F5D533A34E9B9FC52D0F6EA36F966D91B0F789A28
                                                                                                                                                                                                                                                                                                                  SHA-512:C40B431C9DFF97DFCF59C01D13B6116C9CFD8D6908C4683C1711A3AAD1F0D7C5A2778F33B0BEE37F6DC95AD2A951EB0FFF8401E1C8837B5DB40A6803C4DC1138
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.609 1f98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2025/02/13-02:36:27.612 1f98 Recovering log #3.2025/02/13-02:36:27.614 1f98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                  MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                  SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                  SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                  SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                  MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                  SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                  SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                  SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):435
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.170875138585092
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeodN4q2PN723oH+TcwtzjqEKj3K/2jMGIFUtFHeoShZmw7HeB+kwON723oH9:7TN4vVaYebvqBQFUt2/V5OaYebvqBvJ
                                                                                                                                                                                                                                                                                                                  MD5:A2CC769A2E873006E44DDBE71068DEB2
                                                                                                                                                                                                                                                                                                                  SHA1:F48A18093116681A06AF6F09F0B723F913DA6A91
                                                                                                                                                                                                                                                                                                                  SHA-256:30959890ABB127FC5E2654C1F9599E1A94831ED731C2D9AF9B79A41803A14887
                                                                                                                                                                                                                                                                                                                  SHA-512:ED06914F5DEB9C39A16DEF6D5808040CF19B50B56B62E667DCC414ADEDCEE3D771105A95C4D1198AC8C135BDDE2996872D80677885DB764B2A80CCD991C1F32F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:29.023 b30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2025/02/13-02:36:29.024 b30 Recovering log #3.2025/02/13-02:36:29.030 b30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):435
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.170875138585092
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeodN4q2PN723oH+TcwtzjqEKj3K/2jMGIFUtFHeoShZmw7HeB+kwON723oH9:7TN4vVaYebvqBQFUt2/V5OaYebvqBvJ
                                                                                                                                                                                                                                                                                                                  MD5:A2CC769A2E873006E44DDBE71068DEB2
                                                                                                                                                                                                                                                                                                                  SHA1:F48A18093116681A06AF6F09F0B723F913DA6A91
                                                                                                                                                                                                                                                                                                                  SHA-256:30959890ABB127FC5E2654C1F9599E1A94831ED731C2D9AF9B79A41803A14887
                                                                                                                                                                                                                                                                                                                  SHA-512:ED06914F5DEB9C39A16DEF6D5808040CF19B50B56B62E667DCC414ADEDCEE3D771105A95C4D1198AC8C135BDDE2996872D80677885DB764B2A80CCD991C1F32F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:29.023 b30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2025/02/13-02:36:29.024 b30 Recovering log #3.2025/02/13-02:36:29.030 b30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\6f864391-5ee3-4ddb-a722-e63b3bbaff23.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\88f7e7cf-ef0c-44d3-bf8b-61eef59b7fe8.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF487ab.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF49017.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                                                  MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                                                  SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                                                  SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                                                  SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\c97d83f4-20fb-4185-a21c-7270029fc3aa.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d2d290b7-502e-43b8-bdbd-85fcefba42dc.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):80
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                                                  MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                                                  SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                                                  SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                                                  SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):426
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.238074208636237
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:7o/3+vVaYebvqBZFUted/kWV5OaYebvqBaJ:7AMVaYebvygiOaYebvL
                                                                                                                                                                                                                                                                                                                  MD5:F567E762BC433CD907A63CB7D0353DB4
                                                                                                                                                                                                                                                                                                                  SHA1:BED346D2103970940684A8327DAFF6825406BE8A
                                                                                                                                                                                                                                                                                                                  SHA-256:D29E4D306E8DDE1D5B61FF6663C71B7056D83B4CB710664372C912DFF50B8D6E
                                                                                                                                                                                                                                                                                                                  SHA-512:F5A7C81278D0E7FB72F5B4C1694F34E9B28E2FDEABFAA97B642056E3144E35814114A0DE1A4EF524BA9BAF57ADBC51CFEFEE4EB2A079A4845C4B280D1226D6BC
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:47.677 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2025/02/13-02:36:47.679 1a2c Recovering log #3.2025/02/13-02:36:47.681 1a2c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):426
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.238074208636237
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:7o/3+vVaYebvqBZFUted/kWV5OaYebvqBaJ:7AMVaYebvygiOaYebvL
                                                                                                                                                                                                                                                                                                                  MD5:F567E762BC433CD907A63CB7D0353DB4
                                                                                                                                                                                                                                                                                                                  SHA1:BED346D2103970940684A8327DAFF6825406BE8A
                                                                                                                                                                                                                                                                                                                  SHA-256:D29E4D306E8DDE1D5B61FF6663C71B7056D83B4CB710664372C912DFF50B8D6E
                                                                                                                                                                                                                                                                                                                  SHA-512:F5A7C81278D0E7FB72F5B4C1694F34E9B28E2FDEABFAA97B642056E3144E35814114A0DE1A4EF524BA9BAF57ADBC51CFEFEE4EB2A079A4845C4B280D1226D6BC
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:47.677 1a2c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2025/02/13-02:36:47.679 1a2c Recovering log #3.2025/02/13-02:36:47.681 1a2c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.194820182046971
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHe+oQyq2PN723oH+TcwtpIFUtFHe+RG1Zmw7He+RQRkwON723oH+Tcwta/WLJ:7oQyvVaYebmFUt/g/1QR5OaYebaUJ
                                                                                                                                                                                                                                                                                                                  MD5:08C410775FDACF7BB0D05E88ED6FE2B0
                                                                                                                                                                                                                                                                                                                  SHA1:B96995CD0D00134D4EDC8E0683FD824947D595CA
                                                                                                                                                                                                                                                                                                                  SHA-256:056F844FE85AFCF4FC136DF5A3A230ADA6131E23664C445D984149CF4451B7DC
                                                                                                                                                                                                                                                                                                                  SHA-512:21C3AF15936F221B384D45D42CFCD957FA1736706DF212C3EF66486455BC9139965653195C2576F94583572374B8099C33A6DA8CF394B4DF882B539F20889AF9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.738 1f90 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2025/02/13-02:36:27.739 1f90 Recovering log #3.2025/02/13-02:36:27.739 1f90 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.194820182046971
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHe+oQyq2PN723oH+TcwtpIFUtFHe+RG1Zmw7He+RQRkwON723oH+Tcwta/WLJ:7oQyvVaYebmFUt/g/1QR5OaYebaUJ
                                                                                                                                                                                                                                                                                                                  MD5:08C410775FDACF7BB0D05E88ED6FE2B0
                                                                                                                                                                                                                                                                                                                  SHA1:B96995CD0D00134D4EDC8E0683FD824947D595CA
                                                                                                                                                                                                                                                                                                                  SHA-256:056F844FE85AFCF4FC136DF5A3A230ADA6131E23664C445D984149CF4451B7DC
                                                                                                                                                                                                                                                                                                                  SHA-512:21C3AF15936F221B384D45D42CFCD957FA1736706DF212C3EF66486455BC9139965653195C2576F94583572374B8099C33A6DA8CF394B4DF882B539F20889AF9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:27.738 1f90 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2025/02/13-02:36:27.739 1f90 Recovering log #3.2025/02/13-02:36:27.739 1f90 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):196608
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):1.2676702371761548
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:384:L/2qOB1nxCkM4SA1LyKOMq+8iP5GDHP/0jMVum4:Kq+n0J491LyKOMq+8iP5GLP/0R
                                                                                                                                                                                                                                                                                                                  MD5:4DE3AD38A3C964D3D582CA6D673BF60B
                                                                                                                                                                                                                                                                                                                  SHA1:56A18B2A740354FD102C03797AFC76C007E742EF
                                                                                                                                                                                                                                                                                                                  SHA-256:3C623E6B0510CD50DF46A1174C4FBD889FE618F3C63145D2B8ECDE69E2D8385E
                                                                                                                                                                                                                                                                                                                  SHA-512:F22C529402B7D1C0A856E9CE77EBBD280B5C6999C92AECBE4184200D0F5A99278AF6BF2E09DD779BDAD41395BBEB9693E4D974832D00DFEBF3F04CFB3068EAE0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......[...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40960
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.466719848449765
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB0h+:v7doKsKuKZKlZNmu46yjx0Y
                                                                                                                                                                                                                                                                                                                  MD5:CD01333FEA0F9B01D3D857270E1A18C8
                                                                                                                                                                                                                                                                                                                  SHA1:764D1E9A7B4D9993DDF5BC10B242D78ADA87A6A9
                                                                                                                                                                                                                                                                                                                  SHA-256:11D721AB39B05C163DBA1AD6B2907563396968C1B5B83C82F7E0F8DF2CC9DCE2
                                                                                                                                                                                                                                                                                                                  SHA-512:2AE011CDD11AE7231A4728141DF70F30991407C56F7F7B03A6C2969CC1B9A87AEDAF3FAE8A737A14B06F5BDA96A0FB63DF4DD6ED2CD4BD30994735CDE9013DF6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a57e7b54-0f5f-4748-89d6-9b966d0a8179.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40504
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.561470689683721
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:OCY5+nWaa7pLGL7eAW5w6cf45P8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPnFpCIANe:OhknRyc7eAWa6cfmPu1jayFp4ymutdV/
                                                                                                                                                                                                                                                                                                                  MD5:B04D1BB38C78913FCAFC6C940C5A22DF
                                                                                                                                                                                                                                                                                                                  SHA1:44D66998E1352636A45EAE17A9B878E33219527F
                                                                                                                                                                                                                                                                                                                  SHA-256:60E0639DDC89E1B4BDB0AD9C85B71D5982E672331FC35826879EF02B6D7EE2D3
                                                                                                                                                                                                                                                                                                                  SHA-512:C61FC4E0B5EA3507F78057A5145E28DD743529BDBDB6791ABCE6E67B6F0894361C2CA97EA73CF8686C07B99E4C6733FFD7DEF04CA7BCCF4E800369F5D0FB5A78
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13383905787597561","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13383905787597561","location":5,"ma

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):11755
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                                                  MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                                                  SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                                                  SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                                                  SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\cef209ee-7fbb-4b75-9eec-39520bf4803b.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d76f9c3d-e6d6-4fad-9f57-a7874b74047d.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40503
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.5615354705590105
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:OCY5+nWaa7pLGL7eAW5w6cf46P8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPnFpCIANW:OhknRyc7eAWa6cf/Pu1jayFp4ymutdMs
                                                                                                                                                                                                                                                                                                                  MD5:5106DA912531C1FDB80C14C3C6D9D9FC
                                                                                                                                                                                                                                                                                                                  SHA1:896D12916342CD7BED57551F21DFF76B72C53C89
                                                                                                                                                                                                                                                                                                                  SHA-256:328F5802369A0824B1827B359765CD056CCB2ACFEAFAB57A88EAD7095ADF9DD6
                                                                                                                                                                                                                                                                                                                  SHA-512:2562AEB87C37D5C8A012A5A07FB19ADD76622A89756313385E9D4BE9E68D8A6BD399B888599A49AD26090A07DACB1201E83475DCF75CB2D69B08868076232216
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13383905787597561","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13383905787597561","location":5,"ma

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):28672
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                                                  MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                                                  SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                                                  SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                                                  SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\e8073b34-aae5-4e04-b73f-a6397a35076c.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):14077
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.296025159680577
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:sthJ99QTryDigabatSuypYsIEaFvrEjzixjkrzHYiC8FbV+FDhQwgxpUiPqYJ:sthPGKSu4YsIECDizu4bGFQwYK4
                                                                                                                                                                                                                                                                                                                  MD5:282AEFB06B12EA03CBCEC78780B621FA
                                                                                                                                                                                                                                                                                                                  SHA1:2B06B68E16DC9183384F9D5136DD1D3E07550E7C
                                                                                                                                                                                                                                                                                                                  SHA-256:0894F924295FE536C2B8C7BD252EEC8D93D1D8524551D063D74919AA627F9484
                                                                                                                                                                                                                                                                                                                  SHA-512:302DF748719EBA001E344448F312B1EF23AB065B0B9DAA4590B72CEA29DBC8E9112C1D8504D9B578CCE00F213E4ECD995A9A3F3E1F9A201ACE424BAEDD9378F9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13383905788737322","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f0855431-5507-4cb2-86c6-39fe0c787804.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f6bd2f07-fd64-4556-a100-4d237e715540.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):35286
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.558007184389551
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:OCY5+nWUAW5w6cf46P8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPHCIAN4drwXetdLiW:OhknLAWa6cf/Pu1ja44ymutdLfWtC
                                                                                                                                                                                                                                                                                                                  MD5:8F234D24A4A4C376ACCD71B48241224B
                                                                                                                                                                                                                                                                                                                  SHA1:4E10B209384C45B120485FE9B6F6BD15654345C6
                                                                                                                                                                                                                                                                                                                  SHA-256:18E4FF6E6664DC6B116969906226BE194B8F2E1A291B19E13FB8ED263EA5EF25
                                                                                                                                                                                                                                                                                                                  SHA-512:0B8FA3D7053729B34853A11290E1DA44C25D715AC8B86E8FFA0AA211C3FF049F26240E856A0F066ADD32E49CF7BFEDB6CBD49BBA2A570B355013A7FB17BE7A82
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13383905787597561","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13383905787597561","location":5,"ma

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):32768
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.10262939497598703
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:+rHrCDspEjVl/PnnnnnnnnnnnvoQ/Eou:+LJoPnnnnnnnnnnnv1j
                                                                                                                                                                                                                                                                                                                  MD5:D3C7474F973F992C185B8DFAEE0F8B4A
                                                                                                                                                                                                                                                                                                                  SHA1:2E7A1E94D8BC3B4B932204B6AB6BEB0582D34096
                                                                                                                                                                                                                                                                                                                  SHA-256:A8489D316D1656D0C82C504612161F188634DF8D92F32E9D2A2019536FD75F6C
                                                                                                                                                                                                                                                                                                                  SHA-512:D4A0B9B862A26C488C9DFDB68FF4B4A74F7EE4AE46F4E44647C49345BF81F274E0FBA0AD7C87CFAF8B7E677A390AB8E2597CD59F4481FA86E42366B6407F510B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:..-.............M......._.r...G.$J...V...4..l.L..-.............M......._.r...G.$J...V...4..l.L........I...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):317272
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.8917120992745953
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:384:HF4DpExmkzk1oEb6t7T8xZ1FM7v86ydylgygyZkymxyKi:xl+Y
                                                                                                                                                                                                                                                                                                                  MD5:F6F3D0372CBC6FED2B33C0355089A21F
                                                                                                                                                                                                                                                                                                                  SHA1:2B78E4E2B96070ED0DD22F01A05EDFEB6143C6C5
                                                                                                                                                                                                                                                                                                                  SHA-256:5028D45D957387D1493405D3214C3BD96D9F83EC198F37295E2695BEC9114F4B
                                                                                                                                                                                                                                                                                                                  SHA-512:201ECF56E2E40D18D3FDC4AFF534ED38F11A71CE2F64892EABBF7D6CAE9B1DBF2559248F4EF81D7C85097AB06B46D832E810517958C4099BC4107608556D4260
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:7....-..........$J...V....M7'.z.........$J...V..h.IR..4.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):628
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.24195411185161
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:p9lc8QyOuuuuuuuuuuuuuuuuuuuuuuuG8K:pHay2
                                                                                                                                                                                                                                                                                                                  MD5:602B27C997403E74559DD87102E1E20C
                                                                                                                                                                                                                                                                                                                  SHA1:2295BB2B64B25BCC16CB2F8490A3FA83EF56340E
                                                                                                                                                                                                                                                                                                                  SHA-256:AAC0F8AB18BFB978288BBF3EC0C71755BE5D63EADF969902F20F39BEEF06C0BD
                                                                                                                                                                                                                                                                                                                  SHA-512:8D8BA1639CE8FAE0EEA7B252E175AC0446A2B8EAEB9866EACFCC6525679DBB306EE7706FA842EAE7D180754BAD8BB000C4FAFBD58FF0915A884EC79443024AD0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:A..r.................20_1_1...1.,U.................20_1_1...1..$.0................39_config..........6.....n ...1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............I...0................39_config..........6.....n ....1

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.2657725551574455
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeCcq2PN723oH+TcwtfrK+IFUtFHeXTZmw7HeXJkwON723oH+TcwtfrUeLJ:77cvVaYeb23FUtKT/cJ5OaYeb3J
                                                                                                                                                                                                                                                                                                                  MD5:351BF0BAF1A6F0970C5EBE41700591AD
                                                                                                                                                                                                                                                                                                                  SHA1:CC65DA9A0E717C9A020D2219BECD47B9692AC82A
                                                                                                                                                                                                                                                                                                                  SHA-256:3BA7148194A416E0FF87DCEE39DE15F225954345416DEE27396DF4F0503602D0
                                                                                                                                                                                                                                                                                                                  SHA-512:BD4D072BF339B1A0E93F6462FAA11B404856048B9062FFB18B21DB3E9562D7ED31184E2B5B8FE4C0975F961EF3C237388C1DBC804BAEE33E91FDF5DEB754E990
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:28.966 1f94 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2025/02/13-02:36:28.967 1f94 Recovering log #3.2025/02/13-02:36:28.967 1f94 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.2657725551574455
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeCcq2PN723oH+TcwtfrK+IFUtFHeXTZmw7HeXJkwON723oH+TcwtfrUeLJ:77cvVaYeb23FUtKT/cJ5OaYeb3J
                                                                                                                                                                                                                                                                                                                  MD5:351BF0BAF1A6F0970C5EBE41700591AD
                                                                                                                                                                                                                                                                                                                  SHA1:CC65DA9A0E717C9A020D2219BECD47B9692AC82A
                                                                                                                                                                                                                                                                                                                  SHA-256:3BA7148194A416E0FF87DCEE39DE15F225954345416DEE27396DF4F0503602D0
                                                                                                                                                                                                                                                                                                                  SHA-512:BD4D072BF339B1A0E93F6462FAA11B404856048B9062FFB18B21DB3E9562D7ED31184E2B5B8FE4C0975F961EF3C237388C1DBC804BAEE33E91FDF5DEB754E990
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:28.966 1f94 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2025/02/13-02:36:28.967 1f94 Recovering log #3.2025/02/13-02:36:28.967 1f94 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):816
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.0647916882227655
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:G0nYUtTNop//z32m5t/yVf9HqlIZfkBA//DtKhKg+rOyBrgxvB1ySxs:G0nYUtypD32m3yWlIZMBA5NgKIvB8Sxs
                                                                                                                                                                                                                                                                                                                  MD5:3BE72D8D40752B3A97028FDB2931FABA
                                                                                                                                                                                                                                                                                                                  SHA1:A27EA4726857A948F0A4B074062B674469A9A371
                                                                                                                                                                                                                                                                                                                  SHA-256:3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
                                                                                                                                                                                                                                                                                                                  SHA-512:8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....X...................20_.....W.J+.................19_......qY.................18_.....'}2..................37_.......c..................38_......i...................39_.....Owa..................20_.....4.9..................20_.....B.I..................19_..........................18_.....2.1..................37_..........................38_......=.%.................39_.....p.j..................9_.....JJ...................9_.....|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):346
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.2252347274349615
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeXEjL+q2PN723oH+TcwtfrzAdIFUtFHe3L1Zmw7He3dLVkwON723oH+TcwtS:7+EjyvVaYeb9FUtwB/edR5OaYeb2J
                                                                                                                                                                                                                                                                                                                  MD5:2199767C94AD0C416770954300FF88B9
                                                                                                                                                                                                                                                                                                                  SHA1:5FA7FE5116E0C6FCF95468986AA4B54B18B2082F
                                                                                                                                                                                                                                                                                                                  SHA-256:A60D22D27F58F3EA901AF03D773960C393278CB8C38E0CAA5E731B4AAC6DC9E9
                                                                                                                                                                                                                                                                                                                  SHA-512:35C1F78DDB321348CCD0227F1A2F5AF99795BEF268DD821031F88664E50E7EA5759D320F037C4D0EB8F2D92D2C1DE1A85B1812EEE18C1694C4E681DCB613D752
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:28.953 1f18 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2025/02/13-02:36:28.954 1f18 Recovering log #3.2025/02/13-02:36:28.954 1f18 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):346
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.2252347274349615
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:iOXHeXEjL+q2PN723oH+TcwtfrzAdIFUtFHe3L1Zmw7He3dLVkwON723oH+TcwtS:7+EjyvVaYeb9FUtwB/edR5OaYeb2J
                                                                                                                                                                                                                                                                                                                  MD5:2199767C94AD0C416770954300FF88B9
                                                                                                                                                                                                                                                                                                                  SHA1:5FA7FE5116E0C6FCF95468986AA4B54B18B2082F
                                                                                                                                                                                                                                                                                                                  SHA-256:A60D22D27F58F3EA901AF03D773960C393278CB8C38E0CAA5E731B4AAC6DC9E9
                                                                                                                                                                                                                                                                                                                  SHA-512:35C1F78DDB321348CCD0227F1A2F5AF99795BEF268DD821031F88664E50E7EA5759D320F037C4D0EB8F2D92D2C1DE1A85B1812EEE18C1694C4E681DCB613D752
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:2025/02/13-02:36:28.953 1f18 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2025/02/13-02:36:28.954 1f18 Recovering log #3.2025/02/13-02:36:28.954 1f18 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):120
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                                                  MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                                                  SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                                                  SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                                                  SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):13
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):2.6612262562697895
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:NYLFRQZ:ap2Z
                                                                                                                                                                                                                                                                                                                  MD5:B64BD80D877645C2DD14265B1A856F8A
                                                                                                                                                                                                                                                                                                                  SHA1:F7379E1A6F8CE062E891C56736C789C7EA77CD6A
                                                                                                                                                                                                                                                                                                                  SHA-256:83476CEEEB7682F41030664B4E17305986878D14E82D0C277FB99EC546B44569
                                                                                                                                                                                                                                                                                                                  SHA-512:734A7316A269C76DD052D980CC0D5209C0BFEDFFC55B11C58FA25C433CE8A42536827298C3E58CACD68CC01593C23D39350E956E8DE2268D8D29918E1F0667F2
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:117.0.2045.55

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0897842626855185
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsdi1zNtPMjkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynkAkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:F80507D3D17F5FC7A7BD034355D294FE
                                                                                                                                                                                                                                                                                                                  SHA1:9F822518AFF4697799D476205B9E3EDC2DCDF229
                                                                                                                                                                                                                                                                                                                  SHA-256:CC46BB2F3C56BB2FC82F15D0DFA340F0EC2FB4D719F08E5FA50787700AA6A93C
                                                                                                                                                                                                                                                                                                                  SHA-512:1C71AB4693F86D06DA0D3E67CBE34054CF933337395AF1B14BF0F2F18D1A3B594A5CE1B1D4EDB1B03D83BB06CA3900CDC22CCF70EF982BEB646972A3AFA8FE7F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF45deb.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0897842626855185
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsdi1zNtPMjkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynkAkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:F80507D3D17F5FC7A7BD034355D294FE
                                                                                                                                                                                                                                                                                                                  SHA1:9F822518AFF4697799D476205B9E3EDC2DCDF229
                                                                                                                                                                                                                                                                                                                  SHA-256:CC46BB2F3C56BB2FC82F15D0DFA340F0EC2FB4D719F08E5FA50787700AA6A93C
                                                                                                                                                                                                                                                                                                                  SHA-512:1C71AB4693F86D06DA0D3E67CBE34054CF933337395AF1B14BF0F2F18D1A3B594A5CE1B1D4EDB1B03D83BB06CA3900CDC22CCF70EF982BEB646972A3AFA8FE7F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF45e2a.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0897842626855185
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsdi1zNtPMjkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynkAkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:F80507D3D17F5FC7A7BD034355D294FE
                                                                                                                                                                                                                                                                                                                  SHA1:9F822518AFF4697799D476205B9E3EDC2DCDF229
                                                                                                                                                                                                                                                                                                                  SHA-256:CC46BB2F3C56BB2FC82F15D0DFA340F0EC2FB4D719F08E5FA50787700AA6A93C
                                                                                                                                                                                                                                                                                                                  SHA-512:1C71AB4693F86D06DA0D3E67CBE34054CF933337395AF1B14BF0F2F18D1A3B594A5CE1B1D4EDB1B03D83BB06CA3900CDC22CCF70EF982BEB646972A3AFA8FE7F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF45fc0.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0897842626855185
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsdi1zNtPMjkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynkAkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:F80507D3D17F5FC7A7BD034355D294FE
                                                                                                                                                                                                                                                                                                                  SHA1:9F822518AFF4697799D476205B9E3EDC2DCDF229
                                                                                                                                                                                                                                                                                                                  SHA-256:CC46BB2F3C56BB2FC82F15D0DFA340F0EC2FB4D719F08E5FA50787700AA6A93C
                                                                                                                                                                                                                                                                                                                  SHA-512:1C71AB4693F86D06DA0D3E67CBE34054CF933337395AF1B14BF0F2F18D1A3B594A5CE1B1D4EDB1B03D83BB06CA3900CDC22CCF70EF982BEB646972A3AFA8FE7F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF486c0.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0897842626855185
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsdi1zNtPMjkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynkAkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:F80507D3D17F5FC7A7BD034355D294FE
                                                                                                                                                                                                                                                                                                                  SHA1:9F822518AFF4697799D476205B9E3EDC2DCDF229
                                                                                                                                                                                                                                                                                                                  SHA-256:CC46BB2F3C56BB2FC82F15D0DFA340F0EC2FB4D719F08E5FA50787700AA6A93C
                                                                                                                                                                                                                                                                                                                  SHA-512:1C71AB4693F86D06DA0D3E67CBE34054CF933337395AF1B14BF0F2F18D1A3B594A5CE1B1D4EDB1B03D83BB06CA3900CDC22CCF70EF982BEB646972A3AFA8FE7F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4aeca.TMP (copy)

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0897842626855185
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsdi1zNtPMjkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynkAkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:F80507D3D17F5FC7A7BD034355D294FE
                                                                                                                                                                                                                                                                                                                  SHA1:9F822518AFF4697799D476205B9E3EDC2DCDF229
                                                                                                                                                                                                                                                                                                                  SHA-256:CC46BB2F3C56BB2FC82F15D0DFA340F0EC2FB4D719F08E5FA50787700AA6A93C
                                                                                                                                                                                                                                                                                                                  SHA-512:1C71AB4693F86D06DA0D3E67CBE34054CF933337395AF1B14BF0F2F18D1A3B594A5CE1B1D4EDB1B03D83BB06CA3900CDC22CCF70EF982BEB646972A3AFA8FE7F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.6773696719930975
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                                                                                                                                                                                                  MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                                                                                                                                                                                                  SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                                                                                                                                                                                                  SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                                                                                                                                                                                                  SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):47
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                                                  MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                                                  SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                                                  SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                                                  SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):35
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                                                  MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                                                  SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                                                  SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                                                  SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):81
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                                                  MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                                                  SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                                                  SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                                                  SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):130439
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                                                  MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                                                  SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                                                  SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                                                  SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                                                  MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                                                  SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                                                  SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                                                  SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):57
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                                                  MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                                                  SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                                                  SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                                                  SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):29
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                                                  MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                                                  SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                                                  SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                                                  SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):575056
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                                                  MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                                                  SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                                                  SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                                                  SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):460992
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                                                                  SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                                                  MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                                                  SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                                                  SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                                                  SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):9
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                                                  MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                                                  SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                                                  SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                                                  SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:uriCache_

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):179
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.006248828862482
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAclcocXnQy:YWLSGTt1o9LuLgfGBPAzkVj/T8lcoQ
                                                                                                                                                                                                                                                                                                                  MD5:FEDDFCB4B53F0AB0D60CAA1D58349F34
                                                                                                                                                                                                                                                                                                                  SHA1:361DE4F4BADD5C2D4904208BA7DD92B0C39A8F85
                                                                                                                                                                                                                                                                                                                  SHA-256:5436F8E941EE6CF43A9682D4FEC53682A90826BA5B83D9793A1DBB4AE57F6922
                                                                                                                                                                                                                                                                                                                  SHA-512:49977060249A68099571AF2A827839DA763F633C010A82106FDFF39ACC0FA9BDD2419378167D6D6AB714DF71724A587D87F4460D8D4E2711E7E00C2C04016804
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1739532992539075}]}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):86
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQp:YQ3Kq9X0dMgAEwjj
                                                                                                                                                                                                                                                                                                                  MD5:F732DBED9289177D15E236D0F8F2DDD3
                                                                                                                                                                                                                                                                                                                  SHA1:53F822AF51B014BC3D4B575865D9C3EF0E4DEBDE
                                                                                                                                                                                                                                                                                                                  SHA-256:2741DF9EE9E9D9883397078F94480E9BC1D9C76996EEC5CFE4E77929337CBE93
                                                                                                                                                                                                                                                                                                                  SHA-512:B64E5021F32E26C752FCBA15A139815894309B25644E74CECA46A9AA97070BCA3B77DED569A9BFD694193D035BA75B61A8D6262C8E6D5C4D76B452B38F5150A4
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":1}

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a986910d-890e-4f09-824a-75ec1c311dfe.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):45846
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.086991258847727
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:FMkbJ6eg6KzhXRLrDKK0vOi1zNtzdjxMsUK9G/7oHx7wG1Cio1JDSgzMMd6qD47o:FMk16zRRvDK/ZdjxgKzP1Fo1tSmd6qEU
                                                                                                                                                                                                                                                                                                                  MD5:CCC8A2F3EDA3B81C5112D56BC6AC5550
                                                                                                                                                                                                                                                                                                                  SHA1:703AA8F2B2AC6AF0AFD75C211B3E9C9A1A960AD9
                                                                                                                                                                                                                                                                                                                  SHA-256:A94C0748B839754AA389A37AA067140BEAF64A6058DF02ACADD24E0BD09FBE98
                                                                                                                                                                                                                                                                                                                  SHA-512:BFB3F2B671950720B1DDE8615B9ADCC224D78AEF2A26AA4E1A981CA490D3BBD9D30F92ED9EE3D54468EF1963B44FF9A856A0AE998C277E888348686B934EE232
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13383905788966629","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"continuous_migration":{"local_guid":"14a8df8a-a72e-439b-bfa6-34c91463d7b4"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6q

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ab38f359-29bf-47e0-8e7b-46a2f95e742e.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                                                                  Size (bytes):44898
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.095558726535502
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kW0e/i1zNtzdjxMsUKNq9XnXXtoQEsKJDSgzMMd6qDg:+/Ps+wsI7yn7/djxgKSKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:361B07240D2E00B40B939D419E88C2A7
                                                                                                                                                                                                                                                                                                                  SHA1:AD336F91A1C1323A12ACC850C8CBD0F55E9D6A86
                                                                                                                                                                                                                                                                                                                  SHA-256:7A859B234375FF9E1BDB6BDF8966B81F1694C82BEF4D629F3C2FF7FF179FB548
                                                                                                                                                                                                                                                                                                                  SHA-512:A70676E12F3BCC635D6549D2B64A6C579635481E2797E4258CF0890B46722707C345A6BEC791AFFDCD4B14C1A1D0FE3FA825D6BAC91B3FFA7CCF4C0DB3436D25
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b4a93c00-6f76-4172-9743-8d4d1008d84a.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44996
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0954383560324805
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4xW0G/i1zNtzdjxMsUK9G/7oHx7KJDSgzMMd6qD47u3S:+/Ps+wsI7yO73djxgKzKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:C42A37CB9D3CC61158E2C75A6D6CADA4
                                                                                                                                                                                                                                                                                                                  SHA1:186C9155701E95770E847080AF9A2EB13219765F
                                                                                                                                                                                                                                                                                                                  SHA-256:C6EBEDD23F8AD99402AA1266A3EFEBE93570F568E466A36DED858F9B08BAAC9B
                                                                                                                                                                                                                                                                                                                  SHA-512:4AAD1A212A08DCE13A68D7987F3907921F73F6628245F7A861ACFE91E574A9D9CDFC0C34DDD7E73F756BB24A9CA8CC31012F77489D47619D2B797F624F5C7D98
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d932a419-ba56-4381-ac6f-9d645c6b1de6.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):45799
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.087273592922013
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:FMkbJ6eg6KzhXRLrDKK0dOi1zNtzdjxMsUK9G/7oHx7wG1Cio1JDSgzMMd6qD47o:FMk16zRRvDK/XdjxgKzP1Fo1tSmd6qEU
                                                                                                                                                                                                                                                                                                                  MD5:019E86218009C02105D6DD83F9647CD4
                                                                                                                                                                                                                                                                                                                  SHA1:52138E02BB7DDC0A3C9538774ABA3AD2EB76AC2C
                                                                                                                                                                                                                                                                                                                  SHA-256:1F10D3CA1B0DDE5D3D151B34771253506C50ECE384C9E0E32488D21651A8045D
                                                                                                                                                                                                                                                                                                                  SHA-512:DC9F32A27C5C16145B66C98884F1F9D3F2932F24E0A635131D18B8BCDB2EE2FC9F02D752D00686F4532A43A38AE65919B8547974BA600DC1FDDF630EA277136A
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13383905788966629","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"continuous_migration":{"local_guid":"14a8df8a-a72e-439b-bfa6-34c91463d7b4"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6q

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f16e3e2c-250f-4b2b-b4f5-df946b3778cc.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.0897842626855185
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsdi1zNtPMjkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynkAkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                  MD5:F80507D3D17F5FC7A7BD034355D294FE
                                                                                                                                                                                                                                                                                                                  SHA1:9F822518AFF4697799D476205B9E3EDC2DCDF229
                                                                                                                                                                                                                                                                                                                  SHA-256:CC46BB2F3C56BB2FC82F15D0DFA340F0EC2FB4D719F08E5FA50787700AA6A93C
                                                                                                                                                                                                                                                                                                                  SHA-512:1C71AB4693F86D06DA0D3E67CBE34054CF933337395AF1B14BF0F2F18D1A3B594A5CE1B1D4EDB1B03D83BB06CA3900CDC22CCF70EF982BEB646972A3AFA8FE7F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2278
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.8423642562596827
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:uiTrlKxrgx53xl9Il8uUHjg0FHWT07yOUxd1rc:moDYmjg0F2w7FUS
                                                                                                                                                                                                                                                                                                                  MD5:46D101E8CA74E570861A7811C16DACA1
                                                                                                                                                                                                                                                                                                                  SHA1:A2F1F68259D30496AF26BB6C7E6BE25EEB12E63C
                                                                                                                                                                                                                                                                                                                  SHA-256:CF2685E54645078B11747433F16693E68D999B649E40FBB7A2F33251102E7C9C
                                                                                                                                                                                                                                                                                                                  SHA-512:B938E2CD0908BC3CDF70BCEEBC44482A71C5CE9B86F02BE316D4A4DF08361E9DB9F388754E4859FBA4A03E727F84AD00150019B192D2524AE8D1C95C96E74496
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.G.g.p.Y.v.J.9.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.I.c.b.e.O./.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):4622
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.006821858808129
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:uiTrlKxExqxD9Il8uURHwJ2QoTB7mUsFsoiCxEgCdmXZyd0i5kHO1Pr+E2DfwlGQ:oYbkQoBQrxBeeyxkHEPrBnLcOz4t8kO
                                                                                                                                                                                                                                                                                                                  MD5:B067CADEDCEF8A04482877152BC56E31
                                                                                                                                                                                                                                                                                                                  SHA1:C716D68922D783A43B4A9D18F4737C0BDB84EFBA
                                                                                                                                                                                                                                                                                                                  SHA-256:6E8EF96C62A1693E0F85BBE38C9C890CAFB549C41EADB0F278B1BFADAAA460A3
                                                                                                                                                                                                                                                                                                                  SHA-512:4718664C53D2ECE12A9EBE727F31FE28EA633511B5EE766716D088817446B61B97A507C037933A83819FCED58A3FAB299903C56FC3E722ABC1184015EDB1697E
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".4.d.E.5.R.+.p.9.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.I.c.b.e.O./.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2684
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.8966914611212884
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:uiTrlKx68Wa7xBuxl9Il8uUNRCQ3Yy53bynv08YUfOgzTqjGraJBAzhd/vc:azKYARj5rcvHYUfzQGraJBAk
                                                                                                                                                                                                                                                                                                                  MD5:2AEB267F14BB984FBCB85606DFD59722
                                                                                                                                                                                                                                                                                                                  SHA1:583762F3D5FD1965BFA9B6E5A0519672E46D6E12
                                                                                                                                                                                                                                                                                                                  SHA-256:8FA9C7FBA12D5521F08E008C389032FC674B027A2FD73D381273B41222EB660E
                                                                                                                                                                                                                                                                                                                  SHA-512:0739BC5720EDACAC913B27C1E8E0918BB37BA15DD782484C051B2E80435DC7E0A429BF8777892FE8D1042C95BFA94E64B0DEB3805EDE3E8E785B27BDB3735549
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".C.K.P.8.d.7.u.c.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.I.c.b.e.O./.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\json[1].json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):3500
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.396019869983838
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:6NnCCHC6NnCIbCsNnC49CmNnCNdgECaNnCECcNnCEw4DCEzXNnCwwCsNnCe3CW:6NtNFNHNO5NfNbw437NRONZ
                                                                                                                                                                                                                                                                                                                  MD5:C5800C994354D64227BBA588D60F6003
                                                                                                                                                                                                                                                                                                                  SHA1:F4DD517AAB0395C3878A1AB1C329D8FB1339B11B
                                                                                                                                                                                                                                                                                                                  SHA-256:F1052461E248F2F5EAF136FA3F34C40AB113643DC988837185CF350AA5472492
                                                                                                                                                                                                                                                                                                                  SHA-512:C771A72FB013B6F063AFE8374B92EE5C7C330A869AF4C85BBF80C2E794A27728B3BE75DC5DD68E408AE5AC7A5FA583228E40E318D8C713C9C5C4F3846A0F6276
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/E9B08EEE0BC3E644FD583A60017014C2",.. "id": "E9B08EEE0BC3E644FD583A60017014C2",.. "title": "Microsoft Voices",.. "type": "background_page",.. "url": "chrome-extension://jdiccldimpdaibmpdkjnbmckianbfold/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/E9B08EEE0BC3E644FD583A60017014C2"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/2F67225FF5D96D994136C774D8050E79",.. "id": "2F67225FF5D96D994136C774D8050E79",.. "title": "WebRTC Internals Extension",.. "type": "background_page",.. "url": "chrome-extension://ncbjelpjchkpbikbpkcchkhkblodoama/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/2F67225FF5D96D994136C774D8050E79"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\json[1].json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1787
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.371627987612193
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:SfNaoCwiTECw6fNaoCe28CevfNaoCZCYfNaoCKZ0UrU0U8C+:6NnCwiTECwCNnCMCQNnCZCkNnCm0UrUU
                                                                                                                                                                                                                                                                                                                  MD5:0EF08D73090C0008CA1E46E9EF6E9E83
                                                                                                                                                                                                                                                                                                                  SHA1:78963935D4CCA54692BA965560429069F67BE38D
                                                                                                                                                                                                                                                                                                                  SHA-256:B45E5121E9A27FC6E9A7AB8405E3DB451656B9618B4E777187B8DF2A2435DDF6
                                                                                                                                                                                                                                                                                                                  SHA-512:574E561F91B006DB9FB428EA05B86415418DB5DD851278C07B537BB19DAC29BDD1814F2FB8EF1D8B0098A90808CD5A950B2D90B469858ED6AC0467AE12DCDC81
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/E8F196690D1249FDE919813494501C66",.. "id": "E8F196690D1249FDE919813494501C66",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/E8F196690D1249FDE919813494501C66"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/FB8D5878D651017C1FAEEE5824D03865",.. "id": "FB8D5878D651017C1FAEEE5824D03865",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/FB8D5878D651017C1FAEEE5824D03865"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtoo

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\0bede401-353a-43b5-a1da-c4c3f4e37cfb.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):154255
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.844315193710191
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:IH0Gn9mK7OlWbWd/4yjbZH/FZnUO5wYrfzeIX74kwjFMziwmNfxL15tUyH:IUG9mKqlzgyjbZH/jUyLXUkwjF971FUi
                                                                                                                                                                                                                                                                                                                  MD5:240CD355E89EC1F3566BB2EF1F361DAD
                                                                                                                                                                                                                                                                                                                  SHA1:2ADE60EB20F0FB16657A4FB024D207A931DC927F
                                                                                                                                                                                                                                                                                                                  SHA-256:1F0388D23A4D8492E2F9839392B22A6957DEAE8750B60FF860EE939811594295
                                                                                                                                                                                                                                                                                                                  SHA-512:961FE2017949D185761D8491AB4F7F2EC3B0562CFB6FEF202C34D685A87F2EA032F53D653E4C1D492DFF1FB43D738E7727985738C1A956A1A18AAE77A3D7F3B6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[..........gE5.*B1_+.)l\....n.sj.n.-.su....kM.`..w..k..u.L..G_9a ..=H..Ag.i.a. .&f!t....s. ............Fy.Cu..a9.C........f7...CW.e._.Zy.W.t.`z.B....k....|$......G.PI/x]_...L.j..<at...%w.....K,y......s&.....%.4)p...........-2)/....P.....H.;m...}.CP..$E....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E. $.I....D....h.n.8......y.|.{5.!.!..@.9.E.o..x...=..}..<.......W".%............mo.:......|F....|{H0..S._....0-.ChC..h.....:.....R%Z....u/.....Y_...8./....>.).....OogU.......P.W.a...._..c,..RH}.......m#3..2.U=.O...~....2.H.O...F..Y.j..2....o.......*.......6..?.........{........|.^....1s..H..#.'.O..Q_....+."

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\0c19cd38-a99a-40a6-adb5-cb9890605719.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\1eea3669-985e-47e9-9d96-83ea5f91c137.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\7e7c3586-add8-4696-a616-45b012eae9cb.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):101119
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.948873349909942
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:voLuGNPaykTtvzz6YGqne1A6FpitwN/HZQWPqLvdy+NzovrRI5i7TCGpOxdD:vo7yTtvedFphPgvYe8WMTzpOH
                                                                                                                                                                                                                                                                                                                  MD5:4F1D10334E15AFFA2098D05D19E6B94D
                                                                                                                                                                                                                                                                                                                  SHA1:383AD23B39570CCCA00F87137448BFF7DF3983AD
                                                                                                                                                                                                                                                                                                                  SHA-256:C51BEC2E2B8EBFBFE82B1F5FC30EA976963809DA4F56F6B4A1C8DF0E2A8169AC
                                                                                                                                                                                                                                                                                                                  SHA-512:1FE81B6C9DC94A2456EF8DC0718226A45356FF3F1630FF46E28234AB68EEE3B0C8E492CF5EC8CACA3C61407ED6DE4F7A293DD568626DAF33EB3CA82B132D749B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...qiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628" xmpMM:DocumentID="xmp.did:91EA24D7191011E5B1FF9488C51C29D1" xmpMM:InstanceID="xmp.iid:91EA24D6191011E5B1FF9488C51C29D1" xmp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6a6b844a-8117-4c4c-9b2f-30d3769ed7c7" stRef:documentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>^.i.....IDATx.bb .0..;./..;@...A.P9F...y

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\ac77011e-5a24-4b20-abba-90719e7c94f5.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):11185
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                  MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                  SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                  SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                  SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\b1b407a8-8b70-4699-bac0-cccf6697256f.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):31335
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.694019108205432
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:768:514ugFV0910SWyR5kNVdS3sNp/xm3MbiMuYEDlyFUyv6E/ty8:5WcDWyRKNVd2M/IxMuYEDlymsTQ8
                                                                                                                                                                                                                                                                                                                  MD5:6B72597205C77D3E40E1A35BEE403801
                                                                                                                                                                                                                                                                                                                  SHA1:6BECEE055C6E057AF9475B6D651B4EE561D02F20
                                                                                                                                                                                                                                                                                                                  SHA-256:C899297FBDFC88C1634B1145A087FDB5BE17172FD786C078B299557B22F06DEB
                                                                                                                                                                                                                                                                                                                  SHA-512:7CB1A98E0C7FBB349D9CB681233A9F4ED22A1C3FAADCDF1BC270B04BD97D3FC41AB6F762B2F5F231281D63D96AC3D243640BA81D5E8CCD9F54486B4F538CA8B4
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1658
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.411336518119385
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Y4MfJVe5wMd5wMe07cIF5Io0MY5kU2A0OpJ5xnL0MotJ5VovUx0U725i10ld5M:JIVuwEw5MUFZLBQLtzWRM
                                                                                                                                                                                                                                                                                                                  MD5:E1480DA9FC4FF8E3F5247B49DDE30191
                                                                                                                                                                                                                                                                                                                  SHA1:EA84BEB4BE85D911EB6823A5C1C5C60299978C96
                                                                                                                                                                                                                                                                                                                  SHA-256:F22B18EF7061BA961E24A0B8CC4D69572C72E0B7D8B222DED47C6D41B207F349
                                                                                                                                                                                                                                                                                                                  SHA-512:152AEDF104124EEA9632EFD366F858C0076987E944746072E380D5429DBA2482533D8C701BC1E766FF4DBFA7060EE061A30CFDBE9E5973E8610002076A3AFEB4
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"logTime": "1005/061810", "correlationVector":"0kV+/vRB8ay0a3Cue7mk6o","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"AFo3IfjRT+3l4ojiXpMdNH","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"838E3BF9A44F456CB4AD62AC737EDD15","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063233", "correlationVector":"2N8fwTcZh6EtTfQ8o4+6aX","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063233", "correlationVector":"5ADEBA42608E4CC9A1FACA719F284CF9","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063346", "correlationVector":"xp/hBMCdVPtUIxZHIviv/x","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063347", "correlationVector":"BF0B9E58C0CC45ED9AB5D0371131E69A","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/064305", "correlationVector":"ONVjsWDap1LyjIRdxsqPGs","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/064305", "correlationVector":"82E52491

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\0bede401-353a-43b5-a1da-c4c3f4e37cfb.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):154255
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.844315193710191
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:IH0Gn9mK7OlWbWd/4yjbZH/FZnUO5wYrfzeIX74kwjFMziwmNfxL15tUyH:IUG9mKqlzgyjbZH/jUyLXUkwjF971FUi
                                                                                                                                                                                                                                                                                                                  MD5:240CD355E89EC1F3566BB2EF1F361DAD
                                                                                                                                                                                                                                                                                                                  SHA1:2ADE60EB20F0FB16657A4FB024D207A931DC927F
                                                                                                                                                                                                                                                                                                                  SHA-256:1F0388D23A4D8492E2F9839392B22A6957DEAE8750B60FF860EE939811594295
                                                                                                                                                                                                                                                                                                                  SHA-512:961FE2017949D185761D8491AB4F7F2EC3B0562CFB6FEF202C34D685A87F2EA032F53D653E4C1D492DFF1FB43D738E7727985738C1A956A1A18AAE77A3D7F3B6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[..........gE5.*B1_+.)l\....n.sj.n.-.su....kM.`..w..k..u.L..G_9a ..=H..Ag.i.a. .&f!t....s. ............Fy.Cu..a9.C........f7...CW.e._.Zy.W.t.`z.B....k....|$......G.PI/x]_...L.j..<at...%w.....K,y......s&.....%.4)p...........-2)/....P.....H.;m...}.CP..$E....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E. $.I....D....h.n.8......y.|.{5.!.!..@.9.E.o..x...=..}..<.......W".%............mo.:......|F....|{H0..S._....0-.ChC..h.....:.....R%Z....u/.....Y_...8./....>.).....OogU.......P.W.a...._..c,..RH}.......m#3..2.U=.O...~....2.H.O...F..Y.j..2....o.......*.......6..?.........{........|.^....1s..H..#.'.O..Q_....+."

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):4982
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                                                  MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                                                  SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                                                  SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                                                  SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):908
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                                                  MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                                                  SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                                                  SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                                                  SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1285
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                                                  MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                                                  SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                                                  SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                                                  SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1244
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                                                  MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                                                  SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                                                  SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                                                  SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):977
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                                                  MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                                                  SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                                                  SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                                                  SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):3107
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                                                  MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                                                  SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                                                  SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                                                  SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1389
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                                                  MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                                                  SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                                                  SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                                                  SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1763
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                                                  MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                                                  SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                                                  SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                                                  SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):930
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                                                  MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                                                  SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                                                  SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                                                  SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):913
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                                                  MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                                                  SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                                                  SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                                                  SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):806
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                                                  MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                                                  SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                                                  SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                                                  SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):883
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                                                  MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                                                  SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                                                  SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                                                  SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1031
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                                                  MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                                                  SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                                                  SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                                                  SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1613
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                                                  MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                                                  SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                                                  SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                                                  SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):848
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                                                  MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                                                  SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                                                  SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                                                  SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1425
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                                                  MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                                                  SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                                                  SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                                                  SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):961
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                                                  MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                                                  SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                                                  SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                                                  SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):959
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                                                  MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                                                  SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                                                  SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                                                  SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):968
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                                                  MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                                                  SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                                                  SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                                                  SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):838
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                                                  MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                                                  SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                                                  SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                                                  SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1305
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                                                  MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                                                  SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                                                  SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                                                  SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):911
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                                                  MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                                                  SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                                                  SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                                                  SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):939
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                                                  MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                                                  SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                                                  SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                                                  SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):977
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                                                  MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                                                  SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                                                  SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                                                  SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):972
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                                                  MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                                                  SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                                                  SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                                                  SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):990
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                                                  MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                                                  SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                                                  SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                                                  SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1658
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                                                  MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                                                  SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                                                  SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                                                  SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1672
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                                                  MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                                                  SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                                                  SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                                                  SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):935
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                                                  MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                                                  SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                                                  SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                                                  SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1065
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                                                  MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                                                  SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                                                  SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                                                  SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2771
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                                                  MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                                                  SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                                                  SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                                                  SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):858
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                                                  MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                                                  SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                                                  SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                                                  SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):954
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                                                  MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                                                  SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                                                  SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                                                  SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):899
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                                                  MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                                                  SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                                                  SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                                                  SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2230
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                                                  MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                                                  SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                                                  SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                                                  SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1160
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                                                  MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                                                  SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                                                  SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                                                  SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):3264
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                                                  MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                                                  SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                                                  SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                                                  SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):3235
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                                                  MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                                                  SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                                                  SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                                                  SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):3122
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                                                  MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                                                  SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                                                  SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                                                  SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1895
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                                                  MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                                                  SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                                                  SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                                                  SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1042
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                                                  MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                                                  SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                                                  SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                                                  SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2535
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                                                  MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                                                  SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                                                  SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                                                  SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1028
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                                                  MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                                                  SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                                                  SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                                                  SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):994
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                                                  MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                                                  SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                                                  SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                                                  SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2091
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                                                  MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                                                  SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                                                  SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                                                  SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2778
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                                                  MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                                                  SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                                                  SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                                                  SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1719
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                                                  MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                                                  SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                                                  SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                                                  SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):936
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                                                  MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                                                  SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                                                  SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                                                  SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):3830
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                                                  MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                                                  SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                                                  SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                                                  SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1898
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                                                  MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                                                  SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                                                  SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                                                  SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):914
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                                                  MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                                                  SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                                                  SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                                                  SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):878
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                                                  MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                                                  SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                                                  SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                                                  SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2766
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                                                  MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                                                  SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                                                  SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                                                  SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):978
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                                                  MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                                                  SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                                                  SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                                                  SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):907
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                                                  MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                                                  SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                                                  SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                                                  SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):914
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                                                  MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                                                  SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                                                  SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                                                  SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):937
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                                                  MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                                                  SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                                                  SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                                                  SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1337
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                                                  MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                                                  SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                                                  SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                                                  SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2846
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                                                  MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                                                  SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                                                  SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                                                  SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):934
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                                                  MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                                                  SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                                                  SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                                                  SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):963
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                                                  MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                                                  SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                                                  SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                                                  SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1320
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                                                  MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                                                  SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                                                  SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                                                  SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):884
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                                                  MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                                                  SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                                                  SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                                                  SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):980
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                                                  MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                                                  SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                                                  SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                                                  SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wuser popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1941
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                                                  MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                                                  SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                                                  SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                                                  SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1969
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                                                  MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                                                  SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                                                  SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                                                  SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1674
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                                                  MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                                                  SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                                                  SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                                                  SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1063
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                                                  MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                                                  SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                                                  SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                                                  SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1333
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                                                  MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                                                  SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                                                  SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                                                  SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1263
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                                                  MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                                                  SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                                                  SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                                                  SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1074
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                                                  MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                                                  SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                                                  SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                                                  SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):879
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                                                  MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                                                  SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                                                  SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                                                  SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1205
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                                                  MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                                                  SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                                                  SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                                                  SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):843
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                                                  MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                                                  SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                                                  SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                                                  SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):912
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                                                  MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                                                  SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                                                  SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                                                  SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):11280
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.748240576105777
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuHEIIMuuqd7CKqvatpGcT44iU:m8IEI4u8RAJ
                                                                                                                                                                                                                                                                                                                  MD5:6C41F52EBF3C6868F14E2687F7D9D6B2
                                                                                                                                                                                                                                                                                                                  SHA1:2F08EBD8740E1D64B299E6430E3317DBAF7F47D9
                                                                                                                                                                                                                                                                                                                  SHA-256:8A2DA780B5C51A957347195D86E1FCE3598606224754FCAE97DDCED4942116B4
                                                                                                                                                                                                                                                                                                                  SHA-512:F16CC71BB99B6E1FC4D4039C35C3181EF4CB3E3F99322C7D531FAF3F3B0686042B9C31CDF0683A2656E7F6DBBD75A59D19C174025134DC3DD74036F8BCFD1F9F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):854
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                                                  MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                                                  SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                                                  SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                                                  SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):2525
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.418203238250739
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1I9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APIgiVb
                                                                                                                                                                                                                                                                                                                  MD5:98ADC38C4318ADD89C5B01401DEBFCF9
                                                                                                                                                                                                                                                                                                                  SHA1:459C2B7228F30F1AAB9857ADA1B24199B781B8DF
                                                                                                                                                                                                                                                                                                                  SHA-256:963D84356FF71F7B650A0D717B3BE4B0C0D8A7763FCE3F2886CD72A5FAB36750
                                                                                                                                                                                                                                                                                                                  SHA-512:E7E99DF691584B137957407CB8077D84D7AFE070F10293D1FB16B37F9732355065F0C1118A657FFF0C89CC8A38E9F98337526FB35380C8F38CB88243CE2344F0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):97
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                                                  MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                                                  SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                                                  SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                                                  SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):122936
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.440289251010934
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:Lk7iwewEeGwmupwkcEERDvCouvhX+I7W4u1UxxxTMFtASiKICMGLbQDRXJinxdRV:yDVnEIX+Iy4kcMtASiKx3bmMx4w
                                                                                                                                                                                                                                                                                                                  MD5:B5EA8B89F4500FB68BD6481B4FF52ABC
                                                                                                                                                                                                                                                                                                                  SHA1:8E849F07EFF831D2058708288AD93C22705AB8A2
                                                                                                                                                                                                                                                                                                                  SHA-256:F6CC11D4A3A43B11D9408E9D2366D6388BF8733D68188CCD2969F7492D14B857
                                                                                                                                                                                                                                                                                                                  SHA-512:8741FD18A57C69F803F170B61E2CB133C52B79975BE500F18471A7033A95C5677F7A50E0560068E21CDD1ED64A84FDB51B937D33C78F9712F367EB53576C84DA
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):291
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                                                  MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                                                  SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                                                  SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                                                  SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_1888077737\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4884)
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):131585
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.429091031410368
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:1536:M8uFrRy3O7BJohnbano/ANBC85Yw8CmXhpD9XLcc24vYzBqvKJ4EMFagkYr1SWOP:cAmnq00pXhN9XNCBqvKJMYk1VFwBf
                                                                                                                                                                                                                                                                                                                  MD5:AB7114131BE9625C6DA56A2EF9C11260
                                                                                                                                                                                                                                                                                                                  SHA1:5D264FB04E2D4866B29484A8D24CB88AB6D76BCB
                                                                                                                                                                                                                                                                                                                  SHA-256:BE65FDD71CD523B7E759D918E04AA2DD7CBE5F907570BB5BC367456796AA888A
                                                                                                                                                                                                                                                                                                                  SHA-512:477D20556C00FA76BF5246723EB4A251228D20666551BD22B8469CCAB04B0135A0F3F08B9A660FF01F7BBF82895F455E06CA3DA5D1DF6DD3A5A03D932FFFA38E
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:'use strict';function aa(){return function(a){return a}}function h(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_62070422\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):1753
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                                                  MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                                                  SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                                                  SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                                                  SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_62070422\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):9815
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                                                  MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                                                  SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                                                  SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                                                  SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_62070422\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):10388
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                                                  MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                                                  SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                                                  SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                                                  SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_62070422\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):962
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                                                  MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                                                  SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                                                  SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                                                  SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7824_62070422\ac77011e-5a24-4b20-abba-90719e7c94f5.tmp

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                                                                  Size (bytes):11185
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                  MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                  SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                  SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                  SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 507

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4850)
                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                  Size (bytes):4855
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.80149773252043
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:kli4Fd66666eqG6perstK0nXhpniIMH6666VT1zsYm6XkO4tG1G9/3g05fffo:SRFd66666XG6pmsHXX9MH6666p1zs6vf
                                                                                                                                                                                                                                                                                                                  MD5:678BC2B20533F2E037EEBA9A49B4A3CA
                                                                                                                                                                                                                                                                                                                  SHA1:3010F86B8C4B5111788EFF628B1E9935A9185E44
                                                                                                                                                                                                                                                                                                                  SHA-256:9D1F9A61B055D36C1A1496F157C09338BAAE3612079B3397D67D3AB1D998B02E
                                                                                                                                                                                                                                                                                                                  SHA-512:24FF7ED7AEEB06D0D65F91187F68865533F31304524B4FA128CF27BD0F7066E73F181D9E2F05787318BF5C9A516D9224CFEE8567713C56734601ABB81644F99F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                                                                  Preview:)]}'.["",["nyt mini crossword clues","kingdom come deliverance","kingdom come deliverance","canned tuna recalls costco","eli tomac injury","nasa astronauts stuck in space","snow storm weather forecast","get tiktok app"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"google:entityinfo":"Cg0vZy8xMXZ6NHI0cTNsEgxDb25zb2xlIGdhbWUy7wpkYXRhOmltYWdlL2pwZWc7YmFzZTY0LC85ai80QUFRU2taSlJnQUJBUUFBQVFBQkFBRC8yd0NFQUFrR0J3Z0hCZ2tJQndnS0Nna0xEUllQRFF3TURSc1VGUkFXSUIwaUlpQWRIeDhrS0RRc0pDWXhKeDhmTFQwdE1UVTNPam82SXlzL1JEODRRelE1T2pjQkNnb0tEUXdOR2c4UEdqY2xIeVUzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM04vL0FBQkVJQUNzQVFBTUJJZ0FDRVFFREVRSC94QUFhQUFFQUFnTUJBQUFBQUFBQUFBQUFBQUFBQlFZQkF3UUgvOFFBTEJBQUFnSUJCQUVEQXdJSEFBQUFBQUFBQVFJREJCRUFCUkloQmlJeFFSTVVNaU5SQnhVV1FsSmhjZi9FQUJjQkFBTUJBQUFBQUFBQUFBQUFBQUFBQUFBQkF3TC94QUFjRVFBREFBSURBUUFBQ

                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 508

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                  Size (bytes):29
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):3.9353986674667634
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3:VQAOx/1n:VQAOd1n
                                                                                                                                                                                                                                                                                                                  MD5:6FED308183D5DFC421602548615204AF
                                                                                                                                                                                                                                                                                                                  SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                                                                                                                                                                                                                                                  SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                                                                                                                                                                                                                                                  SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  URL:https://www.google.com/async/newtab_promos
                                                                                                                                                                                                                                                                                                                  Preview:)]}'.{"update":{"promos":{}}}

                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 509

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (5162), with no line terminators
                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                  Size (bytes):5162
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.349865760247148
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:96:mtOTUb1db1ClNY5co7shdiUYVqig7O7aZCUgpgXEt94k+g8IHh8u928DoCLQ:mtOT8TfL1Vqig7mIg8IB8u88DA
                                                                                                                                                                                                                                                                                                                  MD5:70A8F21806E7F1B739937970EBE49A0C
                                                                                                                                                                                                                                                                                                                  SHA1:6BE9EEBCE438DE91FEB20E6A5458774B327AA9B4
                                                                                                                                                                                                                                                                                                                  SHA-256:C8B531CFD6E9BE13762E289820F67406331303CD5111A885DE959BF83DD0F5AC
                                                                                                                                                                                                                                                                                                                  SHA-512:3C055567D0ED53BD30773C0BE475DC7499E44AFB92FB05021029D9A0C1299A470CDD3A8CACCCF798D5345ED627C5836E9DF5955A120FE56BA3624EC76A673270
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.S4XVq7ljTQU.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTu2DxB2kN0cQ82G6LVzDDDtDSuJSg"
                                                                                                                                                                                                                                                                                                                  Preview:.gb_Q{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ka{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_La{fill:#f9ab00}.gb_H .gb_La{fill:#fdd663}.gb_Ma>.gb_La{fill:#d93025}.gb_H .gb_Ma>.gb_La{fill:#f28b82}.gb_Ma>.gb_Na{fill:white}.gb_Na,.gb_H .gb_Ma>.gb_Na{fill:#202124}.gb_Oa{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 510

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (65531)
                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                  Size (bytes):132000
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.437051528301366
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:M+lkn6pZfaevUAIzym1WIHBXWb3tT36z6x0zV:jK6jL8Lzym1WIHBX49T346AV
                                                                                                                                                                                                                                                                                                                  MD5:FD9882765F694A8185F217FBA3447949
                                                                                                                                                                                                                                                                                                                  SHA1:3E48DBEA54FA367CDDD01F9EA71CEECE07F2C8F7
                                                                                                                                                                                                                                                                                                                  SHA-256:18ED76DD4404DB26F1037967B418B2220EF104612BF9F6C6704E4ED242DE9B73
                                                                                                                                                                                                                                                                                                                  SHA-512:198E1324E0CB2594B6122B3BC00B9148DB848E199A83D2758365AD8973DDF57A513D7653D029F6E416EBA95A530DB89A220FF0B014650C0427A19F7041082830
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                                                                                                                                                                                                                                                  Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Fa gb_2d gb_Pe gb_rd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Qd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_ld gb_pd gb_Hd gb_md\"\u003e\u003cdiv class\u003d\"gb_xd gb_sd\"\u003e\u003cdiv class\u003d\"gb_Kc gb_R\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Kc gb_Nc gb_R\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 511

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1395)
                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                  Size (bytes):117446
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.490775275046353
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:T2yvefrtJUEgK3Cvw3wWs/ZuTZVL/G1kL:T2y4tJbDK0L/G1kL
                                                                                                                                                                                                                                                                                                                  MD5:942EA4F96889BAE7D3C59C0724AB2208
                                                                                                                                                                                                                                                                                                                  SHA1:033DDF473319500621D8EBB6961C4278E27222A7
                                                                                                                                                                                                                                                                                                                  SHA-256:F59F7F32422E311462A6A6307D90CA75FE87FA11E6D481534A6F28BFCCF63B03
                                                                                                                                                                                                                                                                                                                  SHA-512:C3F27662D08AA00ECBC910C39F6429C2F4CBC7CB5FC9083F63390047BACAF8CD7A83C3D6BBE7718F699DAE2ADA486F9E0CAED59BC3043491EECD9734EC32D92F
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0"
                                                                                                                                                                                                                                                                                                                  Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);.var ca,da,ha,ma,xa,Aa,Ba;ca=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);ma=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}};.ma("Symbol",function(a){if(a)return a;var b

                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 512

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (2410)
                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                  Size (bytes):171795
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):5.5579117150428825
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:3072:fEP/ArfiIV/fxZXVg+Jt0VPEif4IPBuaIhUtOUZCXtXg92CMWpV/Q/jsVS7ni18y:fEPYuIV/fXXVgMt0VPEiwIPBuaIhUwU3
                                                                                                                                                                                                                                                                                                                  MD5:AD42D2897C24673C142FE27E2420797B
                                                                                                                                                                                                                                                                                                                  SHA1:8C2D5DA568A2C80024AF368A92F78363A6AD0F2F
                                                                                                                                                                                                                                                                                                                  SHA-256:5B779306CC4713B5A999A14FF302B7B9BC2FEC837BCE4CC7EF146B1A3DDC4928
                                                                                                                                                                                                                                                                                                                  SHA-512:3ECFCF36BC095B04AA612383003909FDD64819664F0DD00D1954432A445749B8ED8960E1C14CA5CD3310D8381B1ABFCC9140E429B93123DD9448FBF4E57A0110
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Bvq7OK2_7ZA.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTs9um7nM7ISNupfodds9-y7C7I4sA"
                                                                                                                                                                                                                                                                                                                  Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.Ri=function(a){if(4&a)return 4096&a?4096:8192&a?8192:0};_.Si=class extends _.Q{constructor(a){super(a)}};.}catch(e){_._DumpException(e)}.try{.var Ti,Wi,Xi,Zi,$i,cj;Ti=function(){return typeof BigInt==="function"};Wi=function(a){const b=a>>>0;_.Ui=b;_.Vi=(a-b)/4294967296>>>0};Xi=function(a,b){b=~b;a?a=~a+1:b+=1;return[a,b]};_.Yi=function(a){if(a<0){Wi(-a);const [b,c]=Xi(_.Ui,_.Vi);_.Ui=b>>>0;_.Vi=c>>>0}else Wi(a)};Zi=function(a){a=String(a);return"0000000".slice(a.length)+a};.$i=function(a,b){b>>>=0;a>>>=0;if(b<=2097151)var c=""+(4294967296*b+a);else Ti()?c=""+(BigInt(b)<<BigInt(32)|BigInt(a)):(c=(a>>>24|b<<8)&16777215,b=b>>16&65535,a=(a&16777215)+c*6777216+b*6710656,c+=b*8147497,b*=2,a>=1E7&&(c+=a/1E7>>>0,a%=1E7),c>=1E7&&(b+=c/1E7>>>0,c%=1E7),c=b+Zi(c)+Zi(a));return c};_.aj=function(a,b){if(b&2147483648)if(Ti())a=""+(BigInt(b|0)<<BigInt(32)|BigInt(a>>>0));else{const [c,d]=Xi(a,b);a="-"+$i(c,d)}else a=$i(a,b);return a};._.bj

                                                                                                                                                                                                                                                                                                                  Chrome Cache Entry: 513

                                                                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                  Category:downloaded
                                                                                                                                                                                                                                                                                                                  Size (bytes):1660
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):4.301517070642596
                                                                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                                                                  SSDEEP:48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD
                                                                                                                                                                                                                                                                                                                  MD5:554640F465EB3ED903B543DAE0A1BCAC
                                                                                                                                                                                                                                                                                                                  SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                                                                                                                                                                                                                                                                                                  SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                                                                                                                                                                                                                                                                                                  SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                                                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                                                                  URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                                                                                                                                                                                                                                                                                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                                                                                                                                                                                                                                                                                                  Static File Info

                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                  File type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                                                                  Entropy (8bit):6.310522978397857
                                                                                                                                                                                                                                                                                                                  TrID:
                                                                                                                                                                                                                                                                                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                  • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                  File name:SecuriteInfo.com.Win32.Trojan.Agent.U8LJFD.31222.29577.exe
                                                                                                                                                                                                                                                                                                                  File size:5'340'672 bytes
                                                                                                                                                                                                                                                                                                                  MD5:7ca1a467d3565e8827428ac7be5b7bf6
                                                                                                                                                                                                                                                                                                                  SHA1:63a893bf674933c34cbe216b49722ad18d625fc6
                                                                                                                                                                                                                                                                                                                  SHA256:efbd528c8ed8c5253b5e191eedc85e30f75778a417b5f427da115e7f44d9dd47
                                                                                                                                                                                                                                                                                                                  SHA512:9be0926ef5c388853cd7560afdbd97d0f47265b3bef47cefbaaa65c33593e2eb525da9f58079c9411e87ad4a184eff49021fc982bfafe030a55272a311228720
                                                                                                                                                                                                                                                                                                                  SSDEEP:49152:YVotF0OLNzFMg3PVyj+ikV/rX/qyzPKO93t0jc6MVh3dd6vE/68u86k1G:YsmOLTJVySl5rFPKOH/IL
                                                                                                                                                                                                                                                                                                                  TLSH:01364A90FACB44F5EA03193118A7A27F67346D099B35DBC7EA107F59F8336A20D36219
                                                                                                                                                                                                                                                                                                                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........|Q...............'......... q........L...@...........................T...........@................................

                                                                                                                                                                                                                                                                                                                  File Icon

                                                                                                                                                                                                                                                                                                                  Icon Hash:00928e8e8686b000

                                                                                                                                                                                                                                                                                                                  Static PE Info

                                                                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                                                                  Entrypoint:0x467120
                                                                                                                                                                                                                                                                                                                  Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                  Digitally signed:false
                                                                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                  Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                  Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE, DEBUG_STRIPPED
                                                                                                                                                                                                                                                                                                                  DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                  Time Stamp:0x0 [Thu Jan 1 00:00:00 1970 UTC]
                                                                                                                                                                                                                                                                                                                  TLS Callbacks:
                                                                                                                                                                                                                                                                                                                  CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                  OS Version Major:6
                                                                                                                                                                                                                                                                                                                  OS Version Minor:1
                                                                                                                                                                                                                                                                                                                  File Version Major:6
                                                                                                                                                                                                                                                                                                                  File Version Minor:1
                                                                                                                                                                                                                                                                                                                  Subsystem Version Major:6
                                                                                                                                                                                                                                                                                                                  Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                  Import Hash:9cbefe68f395e67356e2a5d8d1b285c0

                                                                                                                                                                                                                                                                                                                  Entrypoint Preview

                                                                                                                                                                                                                                                                                                                  Instruction
                                                                                                                                                                                                                                                                                                                  jmp 00007F1174BEF6F0h
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  mov ecx, dword ptr [esp+04h]
                                                                                                                                                                                                                                                                                                                  sub esp, 28h
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+1Ch], ebx
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+10h], ebp
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+14h], esi
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+18h], edi
                                                                                                                                                                                                                                                                                                                  mov esi, eax
                                                                                                                                                                                                                                                                                                                  mov edx, dword ptr fs:[00000014h]
                                                                                                                                                                                                                                                                                                                  cmp edx, 00000000h
                                                                                                                                                                                                                                                                                                                  jne 00007F1174BF1A29h
                                                                                                                                                                                                                                                                                                                  mov eax, 00000000h
                                                                                                                                                                                                                                                                                                                  jmp 00007F1174BF1A86h
                                                                                                                                                                                                                                                                                                                  mov edx, dword ptr [edx+00000000h]
                                                                                                                                                                                                                                                                                                                  cmp edx, 00000000h
                                                                                                                                                                                                                                                                                                                  jne 00007F1174BF1A27h
                                                                                                                                                                                                                                                                                                                  call 00007F1174BF1B19h
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+20h], edx
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+24h], esp
                                                                                                                                                                                                                                                                                                                  mov ebx, dword ptr [edx+18h]
                                                                                                                                                                                                                                                                                                                  mov ebx, dword ptr [ebx]
                                                                                                                                                                                                                                                                                                                  cmp edx, ebx
                                                                                                                                                                                                                                                                                                                  je 00007F1174BF1A3Ah
                                                                                                                                                                                                                                                                                                                  mov ebp, dword ptr fs:[00000014h]
                                                                                                                                                                                                                                                                                                                  mov dword ptr [ebp+00000000h], ebx
                                                                                                                                                                                                                                                                                                                  mov edi, dword ptr [ebx+1Ch]
                                                                                                                                                                                                                                                                                                                  sub edi, 28h
                                                                                                                                                                                                                                                                                                                  mov dword ptr [edi+24h], esp
                                                                                                                                                                                                                                                                                                                  mov esp, edi
                                                                                                                                                                                                                                                                                                                  mov ebx, dword ptr [ecx]
                                                                                                                                                                                                                                                                                                                  mov ecx, dword ptr [ecx+04h]
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp], ebx
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+04h], ecx
                                                                                                                                                                                                                                                                                                                  mov dword ptr [esp+08h], edx
                                                                                                                                                                                                                                                                                                                  call esi
                                                                                                                                                                                                                                                                                                                  mov eax, dword ptr [esp+0Ch]
                                                                                                                                                                                                                                                                                                                  mov esp, dword ptr [esp+24h]
                                                                                                                                                                                                                                                                                                                  mov edx, dword ptr [esp+20h]
                                                                                                                                                                                                                                                                                                                  mov ebp, dword ptr fs:[00000014h]
                                                                                                                                                                                                                                                                                                                  mov dword ptr [ebp+00000000h], edx
                                                                                                                                                                                                                                                                                                                  mov edi, dword ptr [esp+18h]
                                                                                                                                                                                                                                                                                                                  mov esi, dword ptr [esp+14h]
                                                                                                                                                                                                                                                                                                                  mov ebp, dword ptr [esp+10h]
                                                                                                                                                                                                                                                                                                                  mov ebx, dword ptr [esp+1Ch]
                                                                                                                                                                                                                                                                                                                  add esp, 28h
                                                                                                                                                                                                                                                                                                                  retn 0004h
                                                                                                                                                                                                                                                                                                                  ret
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                                                                                  mov ecx, dword ptr [esp+04h]
                                                                                                                                                                                                                                                                                                                  mov edx, dword ptr [ecx]
                                                                                                                                                                                                                                                                                                                  mov eax, esp

                                                                                                                                                                                                                                                                                                                  Data Directories

                                                                                                                                                                                                                                                                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x5270000x3dc.idata
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x5280000x1ef24.reloc
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x4c19600xa0.data
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                  Sections

                                                                                                                                                                                                                                                                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                  .text0x10000x271ba50x271c00eb4a1ba4930dcfbe9a04f5252898c3ddunknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                  .rdata0x2730000x24de500x24e0001763582f5a846beb999996be4c35e129unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                  .data0x4c10000x659480x38800bf94f6701c7554b0651abaccdd5ffc0cFalse0.44845824115044247data5.6752071792678IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                  .idata0x5270000x3dc0x400d3be31d60a3917e34f14beb8989728b1False0.4853515625data4.57553145330045IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                  .reloc0x5280000x1ef240x1f0001a8b6f986de26307e7a9717956164f98False0.5754158266129032data6.644036659288542IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                  .symtab0x5470000x40x20007b5472d347d42780469fb2654b7fc54False0.02734375data0.020393135236084953IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                  Imports

                                                                                                                                                                                                                                                                                                                  DLLImport
                                                                                                                                                                                                                                                                                                                  kernel32.dllWriteFile, WriteConsoleW, WaitForMultipleObjects, WaitForSingleObject, VirtualQuery, VirtualFree, VirtualAlloc, SwitchToThread, SuspendThread, SetWaitableTimer, SetUnhandledExceptionFilter, SetProcessPriorityBoost, SetEvent, SetErrorMode, SetConsoleCtrlHandler, ResumeThread, PostQueuedCompletionStatus, LoadLibraryA, LoadLibraryW, SetThreadContext, GetThreadContext, GetSystemInfo, GetSystemDirectoryA, GetStdHandle, GetQueuedCompletionStatusEx, GetProcessAffinityMask, GetProcAddress, GetEnvironmentStringsW, GetConsoleMode, FreeEnvironmentStringsW, ExitProcess, DuplicateHandle, CreateWaitableTimerExW, CreateThread, CreateIoCompletionPort, CreateFileA, CreateEventA, CloseHandle, AddVectoredExceptionHandler

                                                                                                                                                                                                                                                                                                                  Network Behavior

                                                                                                                                                                                                                                                                                                                  Suricata IDS Alerts

                                                                                                                                                                                                                                                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:08.658878+01002859378ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M21192.168.2.65000388.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:10.222198+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M11192.168.2.65000488.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:11.541819+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config188.99.124.230443192.168.2.650005TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:12.880206+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1188.99.124.230443192.168.2.650006TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:14.303197+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65000788.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:15.385430+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65000888.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:23.676222+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65003988.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:24.416778+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65004188.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:24.416778+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65004188.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:25.549250+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65004288.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:25.549250+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65004288.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:26.489923+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65004388.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:26.489923+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65004388.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:28.361598+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65004488.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:34.439021+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65006088.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:35.263855+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65007988.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:35.263855+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65007988.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:36.199965+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65008388.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:36.199965+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65008388.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:38.324431+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65010688.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:38.324431+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65010688.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:39.583834+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65012588.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:39.583834+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65012588.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:40.898262+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65014488.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:40.898262+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65014488.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:41.999665+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65014688.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:41.999665+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.65014688.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:46.922489+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65015088.99.124.230443TCP
                                                                                                                                                                                                                                                                                                                  2025-02-13T08:36:50.346744+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.65015188.99.124.230443TCP

                                                                                                                                                                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                                                                                                                                                                  TCP Packets

                                                                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:18.819749117 CET4434971640.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:18.820014954 CET4434971640.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:18.820121050 CET49716443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:18.820297956 CET49716443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:18.820341110 CET4434971640.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:20.594834089 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:20.594836950 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:20.876125097 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:30.208153009 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:30.208182096 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:30.489481926 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:32.131299019 CET44349706173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:32.131561041 CET49706443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.019293070 CET49706443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.019293070 CET49706443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.024182081 CET44349706173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.024194956 CET44349706173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.026017904 CET49843443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.026047945 CET44349843173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.026128054 CET49843443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.026495934 CET49843443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.026508093 CET44349843173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.627708912 CET44349843173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:42.627799034 CET49843443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:45.390630960 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:45.390682936 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:45.390827894 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:45.391803026 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:45.391824961 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.200702906 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.200783968 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.204427958 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.204444885 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.204701900 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.208414078 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.208499908 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.208508968 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.208810091 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.251333952 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.392121077 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.392327070 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.392388105 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.392479897 CET49864443192.168.2.640.113.103.199
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:46.392498970 CET4434986440.113.103.199192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.436520100 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.436567068 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.436703920 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.436739922 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.436846018 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.436850071 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.452200890 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.452207088 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.452224016 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.452240944 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.536060095 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.536099911 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.538496017 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.539043903 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.539066076 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.542963028 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.542985916 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.543113947 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.543503046 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:49.543515921 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.031433105 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.031554937 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.040731907 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.040749073 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.041043043 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.041050911 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.041088104 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.041178942 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.058650017 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.058752060 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.062206984 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.062223911 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.062377930 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.062388897 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.062978983 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.063044071 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.101008892 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.101093054 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.104331970 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.104341984 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.104501963 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.104511023 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.104681969 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.104739904 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.117790937 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.117919922 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.121735096 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.121747971 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.122045994 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.122055054 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.122068882 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.122365952 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.153804064 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.153829098 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.153897047 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.153971910 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.154000998 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.154016018 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.154090881 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181612968 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181678057 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181695938 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181710005 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181730032 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181730986 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181791067 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181799889 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181813955 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.181842089 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.208301067 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.208343983 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.208368063 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.208373070 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.208389997 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.208404064 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.208472967 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.227679968 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.227701902 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.227715015 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.227737904 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.227756977 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.227973938 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.227973938 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.237243891 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.237272978 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.237338066 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.237358093 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.237382889 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.237468004 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.238269091 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.238285065 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.238444090 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.238464117 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.238526106 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.268970013 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.269006014 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.269056082 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.269088984 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.269109011 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.269129992 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.270654917 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.270682096 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.270719051 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.270734072 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.270767927 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.270787001 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.293771029 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.293817043 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.293865919 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.293893099 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.293935061 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.293951988 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.294934988 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.294956923 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.295021057 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.295030117 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.295057058 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.320447922 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.320475101 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.321042061 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.321053028 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.321337938 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.324327946 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.324357986 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.324404955 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.324419022 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.324472904 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.324472904 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.325196028 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.325215101 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.326628923 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.326636076 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.326724052 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.326735020 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.326755047 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327334881 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327339888 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327614069 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327841043 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327862024 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327939034 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327939034 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.327944040 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.328805923 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360141993 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360176086 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360229015 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360264063 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360281944 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360308886 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360872984 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360893965 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360941887 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360950947 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360970020 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.360991001 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.361614943 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.361644030 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.361691952 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.361700058 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.361721039 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.361743927 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.362428904 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.362449884 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.362512112 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.362519979 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.362560987 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.378142118 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.378173113 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.378231049 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.378249884 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.378282070 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.379735947 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.379760027 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.379806995 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.379812956 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.379848003 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.379865885 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.380853891 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.380877018 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.380954981 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.380954981 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.380961895 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.380995989 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.382721901 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.382742882 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.382777929 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.382782936 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.382817984 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.405908108 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.405930996 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.406137943 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.406148911 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.406219006 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.407183886 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.407200098 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.407284021 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.407284021 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.407290936 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.407329082 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.408890009 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.408905983 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.410042048 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.410048008 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.410605907 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.410886049 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.410901070 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.410950899 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.410963058 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411015034 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411015034 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411506891 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411565065 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411616087 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411616087 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411632061 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.411756039 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412085056 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412101984 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412141085 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412158012 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412208080 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412209034 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412754059 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412770033 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412939072 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.412945032 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.413053989 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.413654089 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.413666964 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.413763046 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.413763046 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.413769960 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.413840055 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.414413929 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.414429903 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.414506912 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.414506912 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.414511919 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.414726973 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.415225983 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.415244102 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.415303946 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.415307999 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.415332079 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.415348053 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.416039944 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.416055918 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.416294098 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.416299105 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.416402102 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.451694965 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.451749086 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.451766014 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.451788902 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.451807976 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.451827049 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.452380896 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.452404022 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.452433109 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.452440023 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.452462912 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.452481031 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.453319073 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.453340054 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.453389883 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.453398943 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.453422070 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.453443050 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.454005003 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.454024076 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.454073906 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.454082012 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.454113960 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.454137087 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.454998016 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455019951 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455066919 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455075026 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455112934 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455126047 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455269098 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455288887 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455332041 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455338955 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455388069 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.455410957 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.456104994 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.456124067 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.456170082 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.456177950 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.456231117 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.464713097 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.464761972 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.464783907 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.464792967 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.464823008 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.464840889 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.466260910 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.466284037 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.466316938 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.466325045 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.466365099 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.467439890 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.467463017 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.467489958 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.467497110 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.467528105 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.467542887 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.468499899 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.468528032 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.468559980 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.468564987 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.468588114 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.468606949 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.470393896 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.470422983 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.470483065 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.470489979 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.470525980 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.471566916 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.471586943 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.471625090 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.471631050 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.471673965 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.473397970 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.473418951 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.473478079 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.473484039 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.473519087 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.496717930 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.496738911 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.496789932 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.496804953 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.496845007 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.496866941 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497210026 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497251034 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497277975 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497283936 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497318029 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497318029 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497864008 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497878075 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497937918 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497937918 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497944117 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.497999907 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498570919 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498585939 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498635054 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498646975 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498661995 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498719931 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498949051 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.498961926 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499020100 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499026060 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499294996 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499825954 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499854088 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499892950 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499902964 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499958038 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.499958038 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.500178099 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.500205040 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.500406027 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.500458002 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.500458002 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.500468016 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.500556946 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.501036882 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.501071930 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.501102924 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.501111031 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.501128912 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.501163006 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.501163006 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.514890909 CET49893443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.514909983 CET44349893150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.539397955 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.539423943 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.539516926 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.539516926 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.539532900 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.539597988 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543117046 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543148994 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543203115 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543226957 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543246984 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543265104 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543351889 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543379068 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543409109 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543416977 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543443918 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543471098 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543837070 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543859959 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543896914 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543903112 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.543937922 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544332981 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544353008 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544383049 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544389963 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544415951 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544433117 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544787884 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544811964 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544850111 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544857025 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544888020 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.544905901 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.545069933 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.545111895 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.545141935 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.545177937 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551322937 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551354885 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551395893 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551403999 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551457882 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551659107 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551677942 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551712036 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551717043 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551745892 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.551764965 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552078009 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552098989 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552134037 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552138090 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552172899 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552548885 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552567959 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552603960 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552611113 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.552654028 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553111076 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553131104 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553167105 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553172112 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553208113 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553442001 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553462029 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553487062 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553491116 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553515911 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.553534031 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.556065083 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.556086063 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.556158066 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.556169033 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.556202888 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.589581966 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.589598894 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.589668036 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.589682102 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.589786053 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590078115 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590092897 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590133905 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590147972 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590197086 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590591908 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590605974 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590679884 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590679884 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590691090 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590944052 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590961933 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590991974 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590991974 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.590997934 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.591303110 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.591303110 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.591512918 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.591525078 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.591628075 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.591633081 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592255116 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592364073 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592377901 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592474937 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592513084 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592530966 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592530966 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592538118 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592752934 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.592752934 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.593733072 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.593754053 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.593794107 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.593808889 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.593852043 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.599133015 CET49894443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.599144936 CET44349894150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.638497114 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.638521910 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.638573885 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.638581991 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.638746977 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.639043093 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.639062881 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.639090061 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.639095068 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.639137983 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.639137983 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641222000 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641244888 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641278028 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641284943 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641313076 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641330004 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641864061 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641880035 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641911983 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641916990 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.641958952 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.642287970 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.642307997 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.642333984 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.642338991 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.642368078 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.642390013 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643030882 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643049002 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643084049 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643089056 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643117905 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643131971 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643135071 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643145084 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643161058 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643167019 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643193960 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643198967 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643220901 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.643235922 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680290937 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680314064 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680368900 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680377960 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680413961 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680434942 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680737972 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680753946 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680802107 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.680807114 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681015968 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681423903 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681443930 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681477070 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681480885 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681514025 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681941986 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.681961060 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682030916 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682035923 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682102919 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682462931 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682477951 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682531118 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682534933 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.682578087 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683116913 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683130980 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683203936 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683207989 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683355093 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683640957 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683656931 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683715105 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683720112 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.683819056 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684282064 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684297085 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684362888 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684366941 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684396982 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684659958 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684681892 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684731960 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684747934 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684772015 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.684791088 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728081942 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728107929 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728188038 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728264093 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728305101 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728405952 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728687048 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728693962 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728787899 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.728804111 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729731083 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729757071 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729837894 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729852915 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729882002 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729902029 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729971886 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.729990959 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730027914 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730046034 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730071068 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730190992 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730197906 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730210066 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730232954 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730245113 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730279922 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730297089 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730320930 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.730453014 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731384993 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731405020 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731477022 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731487989 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731518030 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731537104 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731548071 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731565952 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731601000 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731611967 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731645107 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.731666088 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.746826887 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.746879101 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.747594118 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.749192953 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.749211073 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.767694950 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.767730951 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.767800093 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.767816067 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.767848015 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.767863989 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768346071 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768369913 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768414021 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768430948 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768464088 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768482924 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768688917 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768712044 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768757105 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768763065 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768810034 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.768810034 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769185066 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769201994 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769269943 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769277096 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769527912 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769619942 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769635916 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769675970 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769680977 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769707918 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.769722939 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770054102 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770071030 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770132065 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770138979 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770173073 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770191908 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770411968 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770426989 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770476103 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770481110 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770510912 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770530939 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770925045 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.770940065 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771006107 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771013021 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771092892 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771344900 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771358013 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771409988 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771415949 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771445990 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.771462917 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.791640043 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.791702986 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.791801929 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.792671919 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.792704105 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.812285900 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.812346935 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.812401056 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.812503099 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.812504053 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.812504053 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.815068007 CET49901443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.815118074 CET44349901150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.821027994 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.821058989 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.821182013 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.822283983 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.822302103 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859034061 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859057903 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859119892 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859133959 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859153986 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859174967 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859510899 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859525919 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859559059 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859565020 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859600067 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859615088 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.859994888 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860008955 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860054970 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860059977 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860088110 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860096931 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860560894 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860574961 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860619068 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860622883 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860652924 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860658884 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.860996008 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861010075 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861047029 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861051083 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861083984 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861102104 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861845970 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861860037 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861917019 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861922026 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861942053 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861955881 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.861999989 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.862004995 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.862013102 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.862041950 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.862200022 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.862240076 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.862294912 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.889244080 CET49900443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:50.889256954 CET44349900150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.321130991 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.321324110 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.360517025 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.360532999 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.361037016 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.361044884 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.381231070 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.381325960 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.383366108 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.383431911 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.399606943 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.399615049 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.400285006 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.400301933 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.400427103 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.400434017 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.400542974 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.400547028 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.477861881 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.477931976 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.477972031 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.477978945 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.477999926 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.478013992 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.478240013 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.511279106 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.511302948 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.511327028 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.511367083 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.511404037 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.511415005 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.511516094 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517029047 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517092943 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517138958 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517194033 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517194033 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517230988 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517246962 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.517282963 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.561609983 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.561685085 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.561747074 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.561772108 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.561805010 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.561826944 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.563091040 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.563138008 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.563182116 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.563189030 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.563225985 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.600629091 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.600650072 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.600749969 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.600759029 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.600804090 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.602940083 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.602956057 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.603022099 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.603029966 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.603199959 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.605484962 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.605559111 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.605612993 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.605628014 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.605658054 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.605686903 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.606448889 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.606498003 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.606539011 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.606544971 CET44349910150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.606586933 CET49910443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.649885893 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.649960041 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650018930 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650043011 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650072098 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650096893 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650697947 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650742054 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650775909 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650783062 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650815010 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.650830030 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.652486086 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.652539015 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.652582884 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.652589083 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.652636051 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.690643072 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.690661907 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.690741062 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.690748930 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.690809965 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.691662073 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.691677094 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.691734076 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.691741943 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.691786051 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.692445993 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.692466974 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.692507982 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.692514896 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.692548037 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.692564964 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.693478107 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.693500042 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.693584919 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.693598032 CET44349911150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.693640947 CET49911443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.694243908 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.694313049 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.694330931 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.694338083 CET44349909150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.694354057 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.694391966 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.694391966 CET49909443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                                                                  Feb 13, 2025 08:35:51.698405027 CET44349910150.171.27.10192.16